./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor3811299508

<...>
Warning: Permanently added '10.128.1.178' (ED25519) to the list of known hosts.
execve("./syz-executor3811299508", ["./syz-executor3811299508"], 0x7ffec93ef3a0 /* 10 vars */) = 0
brk(NULL)                               = 0x555555bba000
brk(0x555555bbae00)                     = 0x555555bbae00
arch_prctl(ARCH_SET_FS, 0x555555bba480) = 0
set_tid_address(0x555555bba750)         = 294
set_robust_list(0x555555bba760, 24)     = 0
rseq(0x555555bbada0, 0x20, 0, 0x53053053) = -1 ENOSYS (Function not implemented)
prlimit64(0, RLIMIT_STACK, NULL, {rlim_cur=8192*1024, rlim_max=RLIM64_INFINITY}) = 0
readlink("/proc/self/exe", "/root/syz-executor3811299508", 4096) = 28
getrandom("\xb0\x74\x9d\xcc\x70\x13\x68\x96", 8, GRND_NONBLOCK) = 8
brk(NULL)                               = 0x555555bbae00
brk(0x555555bdbe00)                     = 0x555555bdbe00
brk(0x555555bdc000)                     = 0x555555bdc000
mprotect(0x7f46a638a000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
rt_sigaction(SIGRTMIN, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGRT_1, {sa_handler=SIG_IGN, sa_mask=[], sa_flags=0}, NULL, 8) = 0
rt_sigaction(SIGSEGV, {sa_handler=0x7f46a62e3920, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f46a62ec3b0}, NULL, 8) = 0
rt_sigaction(SIGBUS, {sa_handler=0x7f46a62e3920, sa_mask=[], sa_flags=SA_RESTORER|SA_NODEFER|SA_SIGINFO, sa_restorer=0x7f46a62ec3b0}, NULL, 8) = 0
clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 295 attached
, child_tidptr=0x555555bba750) = 295
[pid   295] set_robust_list(0x555555bba760, 24) = 0
[pid   295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   295] <... clone resumed>, child_tidptr=0x555555bba750) = 296
./strace-static-x86_64: Process 296 attached
[pid   296] set_robust_list(0x555555bba760, 24) = 0
[pid   296] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   296] setpgid(0, 0)               = 0
[pid   296] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   296] write(3, "1000", 4)         = 4
[pid   296] close(3)                    = 0
[pid   296] write(1, "executing program\n", 18executing program
) = 18
[pid   296] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72./strace-static-x86_64: Process 297 attached
 <unfinished ...>
[pid   294] <... clone resumed>, child_tidptr=0x555555bba750) = 297
[pid   294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   297] set_robust_list(0x555555bba760, 24) = 0
[pid   294] <... clone resumed>, child_tidptr=0x555555bba750) = 298
./strace-static-x86_64: Process 298 attached
[pid   294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   298] set_robust_list(0x555555bba760, 24) = 0
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bba750) = 299
./strace-static-x86_64: Process 299 attached
[pid   299] set_robust_list(0x555555bba760, 24) = 0
[pid   294] <... clone resumed>, child_tidptr=0x555555bba750) = 300
[pid   299] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   294] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   299] setpgid(0, 0)               = 0
[pid   299] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   299] write(3, "1000", 4executing program
)         = 4
[pid   299] close(3)                    = 0
[pid   299] write(1, "executing program\n", 18) = 18
[pid   299] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72./strace-static-x86_64: Process 300 attached
 <unfinished ...>
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   296] <... bpf resumed>)          = 3
[pid   294] <... clone resumed>, child_tidptr=0x555555bba750) = 301
[pid   300] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   296] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4./strace-static-x86_64: Process 302 attached
./strace-static-x86_64: Process 301 attached
 <unfinished ...>
[pid   300] <... set_robust_list resumed>) = 0
[pid   299] <... bpf resumed>)          = 3
[pid   297] <... clone resumed>, child_tidptr=0x555555bba750) = 302
[pid   296] <... bpf resumed>)          = 0
[pid   301] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   299] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   296] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   301] <... set_robust_list resumed>) = 0
[pid   299] <... bpf resumed>)          = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   300] <... clone resumed>, child_tidptr=0x555555bba750) = 303
[pid   299] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   301] <... clone resumed>, child_tidptr=0x555555bba750) = 304
[pid   302] set_robust_list(0x555555bba760, 24) = 0
[pid   302] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   302] setpgid(0, 0)               = 0
[pid   302] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC./strace-static-x86_64: Process 304 attached
./strace-static-x86_64: Process 303 attached
) = 3
[pid   302] write(3, "1000", 4)         = 4
[pid   302] close(3)                    = 0
executing program
[pid   302] write(1, "executing program\n", 18) = 18
[   22.766101][   T30] audit: type=1400 audit(1716266289.247:66): avc:  denied  { execmem } for  pid=294 comm="syz-executor381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=process permissive=1
[   22.778523][   T30] audit: type=1400 audit(1716266289.267:67): avc:  denied  { map_create } for  pid=299 comm="syz-executor381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   22.782215][   T30] audit: type=1400 audit(1716266289.267:68): avc:  denied  { map_create } for  pid=296 comm="syz-executor381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   22.785652][   T30] audit: type=1400 audit(1716266289.267:69): avc:  denied  { perfmon } for  pid=296 comm="syz-executor381" capability=38  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[pid   302] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   302] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   302] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   304] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   303] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   304] <... set_robust_list resumed>) = 0
[pid   303] <... set_robust_list resumed>) = 0
[pid   304] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   303] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   304] <... prctl resumed>)        = 0
[pid   303] <... prctl resumed>)        = 0
[pid   304] setpgid(0, 0 <unfinished ...>
[pid   303] setpgid(0, 0 <unfinished ...>
[pid   304] <... setpgid resumed>)      = 0
[pid   303] <... setpgid resumed>)      = 0
[pid   304] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   303] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   304] write(3, "1000", 4 <unfinished ...>
[pid   303] <... openat resumed>)       = 3
[pid   304] <... write resumed>)        = 4
[pid   303] write(3, "1000", 4)         = 4
[pid   304] close(3)                    = 0
[pid   303] close(3 <unfinished ...>
[pid   304] write(1, "executing program\n", 18 <unfinished ...>
[pid   303] <... close resumed>)        = 0
executing program
[pid   304] <... write resumed>)        = 18
[pid   303] write(1, "executing program\n", 18executing program
 <unfinished ...>
[pid   304] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   303] <... write resumed>)        = 18
[pid   303] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   304] <... bpf resumed>)          = 3
[pid   303] <... bpf resumed>)          = 3
[pid   304] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   303] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   304] <... bpf resumed>)          = 0
[pid   303] <... bpf resumed>)          = 0
[pid   304] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[   22.805498][   T30] audit: type=1400 audit(1716266289.267:70): avc:  denied  { map_read map_write } for  pid=296 comm="syz-executor381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   22.825683][   T30] audit: type=1400 audit(1716266289.267:71): avc:  denied  { bpf } for  pid=296 comm="syz-executor381" capability=39  scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=capability2 permissive=1
[   22.846645][   T30] audit: type=1400 audit(1716266289.277:72): avc:  denied  { prog_load } for  pid=296 comm="syz-executor381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[pid   303] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   302] <... bpf resumed>)          = 4
[pid   299] <... bpf resumed>)          = 4
[pid   296] <... bpf resumed>)          = 4
[pid   299] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   304] <... bpf resumed>)          = 4
[pid   299] <... bpf resumed>)          = 5
[pid   299] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   299] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   299] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   303] <... bpf resumed>)          = 4
[pid   299] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   299] recvmsg(-1, NULL, MSG_OOB)  = -1 EBADF (Bad file descriptor)
[pid   299] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   299] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   299] socketpair(AF_UNIX, SOCK_STREAM, 0, NULL) = -1 EFAULT (Bad address)
[pid   299] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   304] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   303] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   299] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   302] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   296] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   299] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   304] <... bpf resumed>)          = 5
[pid   303] <... bpf resumed>)          = 5
[pid   302] <... bpf resumed>)          = 5
[pid   296] <... bpf resumed>)          = 5
[pid   304] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   303] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   302] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   296] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   304] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   303] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   302] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   296] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   304] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   303] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   302] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   299] <... bpf resumed>)          = 6
[pid   296] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   304] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   303] recvmsg(-1, NULL, 0 <unfinished ...>
[   23.058594][   T30] audit: type=1400 audit(1716266289.547:73): avc:  denied  { prog_run } for  pid=299 comm="syz-executor381" scontext=root:sysadm_r:sysadm_t tcontext=root:sysadm_r:sysadm_t tclass=bpf permissive=1
[   23.083548][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   23.094945][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   23.102321][  T291] Modules linked in:
[   23.106020][  T291] Preemption disabled at:
[   23.106026][  T291] [<ffffffff81529686>] remove_wait_queue+0x26/0x140
[   23.116784][  T291] CPU: 0 PID: 291 Comm: strace-static-x Not tainted 5.15.149-syzkaller-00490-g5d96939590c0 #0
[   23.126851][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   23.136861][  T291] Call Trace:
[   23.139979][  T291]  <TASK>
[   23.142757][  T291]  dump_stack_lvl+0x151/0x1b7
[   23.147530][  T291]  ? remove_wait_queue+0x26/0x140
[   23.152389][  T291]  ? remove_wait_queue+0x26/0x140
[   23.157253][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   23.162894][  T291]  ? remove_wait_queue+0x26/0x140
[   23.167785][  T291]  dump_stack+0x15/0x17
[   23.171745][  T291]  __schedule_bug+0x195/0x260
[   23.176270][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   23.181378][  T291]  ? kernel_waitid+0x520/0x520
[   23.185982][  T291]  __schedule+0xd19/0x1590
[   23.190230][  T291]  ? __x64_sys_wait4+0x181/0x1e0
[   23.195005][  T291]  ? __sched_text_start+0x8/0x8
[   23.199694][  T291]  schedule+0x11f/0x1e0
[   23.203688][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   23.208719][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   23.214014][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   23.219395][  T291]  do_syscall_64+0x49/0xb0
[   23.223649][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.229381][  T291] RIP: 0033:0x4d49a6
[   23.233110][  T291] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24
[pid   299] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   304] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   303] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   302] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   299] <... bpf resumed>)          = 7
[pid   296] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   299] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   303] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   299] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   304] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   299] close(-1)                   = -1 EBADF (Bad file descriptor)
[pid   299] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   299] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   303] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   304] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   299] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   299] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   299] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   304] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   303] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   299] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   299] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   304] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   303] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   299] exit_group(0)               = ?
[pid   304] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   303] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   302] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   299] +++ exited with 0 +++
[pid   296] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   304] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   303] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=299, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   304] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   303] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   304] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   303] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   304] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   303] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   304] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   303] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   304] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   303] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   302] recvmsg(-1, NULL, MSG_OOB)  = -1 EBADF (Bad file descriptor)
[pid   302] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   302] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   302] socketpair(AF_UNIX, SOCK_STREAM, 0, NULL) = -1 EFAULT (Bad address)
[pid   302] ioctl(-1, FIOASYNC, NULL)   = -1 EBADF (Bad file descriptor)
[pid   302] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   304] <... bpf resumed>)          = 6
[pid   302] <... bpf resumed>)          = 6
[pid   302] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   298] <... clone resumed>, child_tidptr=0x555555bba750) = 305
[pid   296] recvmsg(-1, NULL, MSG_OOB./strace-static-x86_64: Process 305 attached
 <unfinished ...>
[pid   304] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   303] <... bpf resumed>)          = 6
[pid   305] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   303] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   305] <... set_robust_list resumed>) = 0
[pid   305] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   305] setpgid(0, 0)               = 0
[pid   305] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   305] write(3, "1000", 4)         = 4
[pid   305] close(3)                    = 0
executing program
[pid   305] write(1, "executing program\n", 18) = 18
[pid   305] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   305] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   305] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   296] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   305] <... bpf resumed>)          = 4
[pid   296] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   305] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   296] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   296] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   296] socketpair(AF_UNIX, SOCK_STREAM, 0, NULL) = -1 EFAULT (Bad address)
[pid   296] ioctl(-1, FIOASYNC, NULL)   = -1 EBADF (Bad file descriptor)
[pid   296] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 6
[pid   296] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   304] <... bpf resumed>)          = 7
[pid   305] <... bpf resumed>)          = 5
[   23.252637][  T291] RSP: 002b:00007ffec93ef0b8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[   23.260880][  T291] RAX: 000000000000012f RBX: 0000000000000001 RCX: 00000000004d49a6
[   23.268691][  T291] RDX: 0000000040000001 RSI: 00007ffec93ef0dc RDI: 00000000ffffffff
[   23.276503][  T291] RBP: 0000000001477620 R08: 0000000000000000 R09: 0000000000000000
[   23.284316][  T291] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000147d400
[   23.292127][  T291] R13: 0000000000000130 R14: 00007ffec93ef0dc R15: 0000000000617180
[   23.300030][  T291]  </TASK>
[   23.319173][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   23.330642][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   23.336986][  T288] Modules linked in:
[   23.340791][  T288] Preemption disabled at:
[   23.340799][  T288] [<ffffffff81459dcb>] __set_current_blocked+0x11b/0x2f0
[   23.351769][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   23.362240][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   23.372132][  T288] Call Trace:
[   23.375260][  T288]  <TASK>
[   23.378036][  T288]  dump_stack_lvl+0x151/0x1b7
[   23.382547][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   23.387842][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   23.393140][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   23.398604][  T288]  ? fsnotify_perm+0x470/0x5d0
[   23.403206][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   23.408503][  T288]  dump_stack+0x15/0x17
[   23.412491][  T288]  __schedule_bug+0x195/0x260
[   23.417008][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   23.422125][  T288]  ? bpf_bprintf_cleanup+0x3f/0x60
[   23.427162][  T288]  ? __set_current_blocked+0x2a5/0x2f0
[   23.432456][  T288]  __schedule+0xd19/0x1590
[   23.436708][  T288]  ? __kasan_check_read+0x11/0x20
[   23.441567][  T288]  ? __fdget_pos+0x209/0x3a0
[   23.445996][  T288]  ? __sched_text_start+0x8/0x8
[   23.450681][  T288]  ? ksys_read+0x24f/0x2c0
[   23.454936][  T288]  ? __x64_sys_rt_sigprocmask+0xb0/0xb0
[   23.460314][  T288]  schedule+0x11f/0x1e0
[   23.464320][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   23.469341][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   23.474636][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   23.480017][  T288]  do_syscall_64+0x49/0xb0
[   23.484270][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.489997][  T288] RIP: 0033:0x7f63542a3b6a
[   23.494253][  T288] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83
[pid   303] <... bpf resumed>)          = 7
[pid   302] <... bpf resumed>)          = 7
[pid   296] <... bpf resumed>)          = 7
[pid   305] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   304] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   303] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   305] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   304] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   305] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   304] close(-1 <unfinished ...>
[pid   305] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   304] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   305] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   304] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   305] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   304] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   305] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   304] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   305] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   304] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   305] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   304] write(-1, NULL, 206336 <unfinished ...>
[pid   305] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   304] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   305] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   304] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   305] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   304] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   305] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   304] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   305] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   304] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   305] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   304] exit_group(0 <unfinished ...>
[pid   305] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73executing program
 <unfinished ...>
[pid   304] <... exit_group resumed>)   = ?
[pid   305] <... bpf resumed>)          = 6
[pid   304] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=304, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   305] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16) = 7
[pid   305] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   305] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   305] close(-1 <unfinished ...>
[pid   301] <... clone resumed>, child_tidptr=0x555555bba750) = 306
[pid   305] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   305] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   305] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = -1 EFAULT (Bad address)
[pid   305] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   305] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   305] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   305] exit_group(0)               = ?
[pid   305] +++ exited with 0 +++
[pid   302] recvmsg(-1, NULL, 0)        = -1 EBADF (Bad file descriptor)
[pid   302] close(-1)                   = -1 EBADF (Bad file descriptor)
[pid   302] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   302] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = -1 EFAULT (Bad address)
[pid   302] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   302] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   302] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   302] exit_group(0)               = ?
[pid   302] +++ exited with 0 +++
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=302, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bba750) = 307
./strace-static-x86_64: Process 307 attached
[pid   307] set_robust_list(0x555555bba760, 24) = 0
[pid   307] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   307] setpgid(0, 0)               = 0
[pid   307] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   307] write(3, "1000", 4)         = 4
[pid   307] close(3)                    = 0
[pid   307] write(1, "executing program\n", 18) = 18
[pid   307] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   307] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   307] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=305, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   303] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   298] <... clone resumed>, child_tidptr=0x555555bba750) = 309
[pid   303] close(-1)                   = -1 EBADF (Bad file descriptor)
./strace-static-x86_64: Process 306 attached
[pid   303] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   306] set_robust_list(0x555555bba760, 24) = 0
[pid   303] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   303] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   296] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   303] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   296] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
./strace-static-x86_64: Process 309 attached
[pid   303] write(-1, NULL, 206336 <unfinished ...>
[pid   296] close(-1 <unfinished ...>
[pid   309] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   303] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   296] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   309] <... set_robust_list resumed>) = 0
[pid   303] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   296] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   303] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   296] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   309] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   303] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   296] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   303] exit_group(0 <unfinished ...>
[pid   309] <... prctl resumed>)        = 0
[pid   303] <... exit_group resumed>)   = ?
[pid   296] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   309] setpgid(0, 0 <unfinished ...>
[pid   306] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   306] setpgid(0, 0 <unfinished ...>
[pid   309] <... setpgid resumed>)      = 0
[pid   296] write(-1, NULL, 206336 <unfinished ...>
[pid   309] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   296] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   309] <... openat resumed>)       = 3
[pid   296] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   309] write(3, "1000", 4 <unfinished ...>
[pid   296] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   309] <... write resumed>)        = 4
[   23.513699][  T288] RSP: 002b:00007ffd3094cfc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   23.521949][  T288] RAX: 0000000000000985 RBX: 0000000000000000 RCX: 00007f63542a3b6a
[   23.529749][  T288] RDX: 0000000000004000 RSI: 00007ffd3094cfe8 RDI: 0000000000000009
[   23.537562][  T288] RBP: 000055a0aa84d3f0 R08: 0000000000000000 R09: 0000000000000000
[   23.545373][  T288] R10: 00007ffd3094cfe8 R11: 0000000000000246 R12: 000055a0aa845460
[   23.553185][  T288] R13: 000055a0a9936937 R14: 000055a0a9939480 R15: 000055a0aa845460
[   23.561010][  T288]  </TASK>
[pid   296] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[   23.572377][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000102, exited with 00000101?
[   23.583991][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   23.591596][  T291] Modules linked in:
[   23.595264][  T291] Preemption disabled at:
[   23.595272][  T291] [<ffffffff81529686>] remove_wait_queue+0x26/0x140
[   23.605858][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   23.617307][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   23.627214][  T291] Call Trace:
[   23.630327][  T291]  <TASK>
[   23.633118][  T291]  dump_stack_lvl+0x151/0x1b7
[   23.637617][  T291]  ? remove_wait_queue+0x26/0x140
[   23.642478][  T291]  ? remove_wait_queue+0x26/0x140
[   23.647339][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   23.652813][  T291]  ? remove_wait_queue+0x26/0x140
[   23.657755][  T291]  dump_stack+0x15/0x17
[   23.661745][  T291]  __schedule_bug+0x195/0x260
[   23.666268][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   23.671381][  T291]  ? kernel_waitid+0x520/0x520
[   23.675982][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   23.681016][  T291]  __schedule+0xd19/0x1590
[   23.685269][  T291]  ? __x64_sys_wait4+0x181/0x1e0
[   23.690041][  T291]  ? bpf_trace_run2+0xf1/0x210
[   23.694638][  T291]  ? __sched_text_start+0x8/0x8
[   23.699474][  T291]  schedule+0x11f/0x1e0
[   23.703459][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   23.708493][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   23.713787][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   23.719191][  T291]  do_syscall_64+0x49/0xb0
[   23.723457][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   23.729151][  T291] RIP: 0033:0x4d49a6
[   23.733023][  T291] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24
[   23.752453][  T291] RSP: 002b:00007ffec93ef0b8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[   23.760705][  T291] RAX: 0000000000000135 RBX: 0000000000000001 RCX: 00000000004d49a6
[pid   309] close(3 <unfinished ...>
[pid   296] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   309] <... close resumed>)        = 0
[pid   307] <... bpf resumed>)          = 4
[pid   306] <... setpgid resumed>)      = 0
[pid   309] write(1, "executing program\n", 18executing program
 <unfinished ...>
[pid   307] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   306] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   296] exit_group(0 <unfinished ...>
[pid   309] <... write resumed>)        = 18
[pid   306] <... openat resumed>)       = 3
[pid   296] <... exit_group resumed>)   = ?
[pid   309] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   306] write(3, "1000", 4 <unfinished ...>
[pid   309] <... bpf resumed>)          = 3
[pid   306] <... write resumed>)        = 4
[pid   309] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   306] close(3 <unfinished ...>
[pid   309] <... bpf resumed>)          = 0
[pid   306] <... close resumed>)        = 0
[pid   309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   306] write(1, "executing program\n", 18executing program
) = 18
[pid   306] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[   23.768525][  T291] RDX: 0000000040000001 RSI: 00007ffec93ef0dc RDI: 00000000ffffffff
[   23.776407][  T291] RBP: 0000000001476cf0 R08: 0000000000000000 R09: 0000000000000000
[   23.784565][  T291] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000147d400
[   23.792471][  T291] R13: 0000000000000128 R14: 00007ffec93ef0dc R15: 0000000000617180
[   23.800279][  T291]  </TASK>
[   23.808402][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000102, exited with 00000101?
[   23.820840][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   23.827482][  T288] Modules linked in:
[   23.831135][  T288] Preemption disabled at:
[   23.831144][  T288] [<ffffffff81bcac33>] pipe_read+0x5b3/0x1040
[   23.841196][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   23.851760][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   23.861656][  T288] Call Trace:
[   23.864790][  T288]  <TASK>
[   23.867559][  T288]  dump_stack_lvl+0x151/0x1b7
[   23.872064][  T288]  ? pipe_read+0x5b3/0x1040
[   23.876440][  T288]  ? pipe_read+0x5b3/0x1040
[   23.880853][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   23.886327][  T288]  ? __kasan_slab_alloc+0x63/0xe0
[   23.891185][  T288]  ? pipe_read+0x5b3/0x1040
[   23.895515][  T288]  dump_stack+0x15/0x17
[   23.899515][  T288]  __schedule_bug+0x195/0x260
[   23.904022][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   23.909149][  T288]  __schedule+0xd19/0x1590
[   23.913399][  T288]  ? __sched_text_start+0x8/0x8
[   23.918083][  T288]  schedule+0x11f/0x1e0
[   23.922078][  T288]  schedule_hrtimeout_range_clock+0x228/0x3a0
[   23.927975][  T288]  ? hrtimer_nanosleep_restart+0x170/0x170
[   23.933621][  T288]  ? add_wait_queue+0x189/0x1c0
[   23.938306][  T288]  ? __remove_hrtimer+0x4d0/0x4d0
[   23.943168][  T288]  ? __pollwait+0x2f5/0x3f0
[   23.947507][  T288]  ? poll_initwait+0x160/0x160
[   23.952137][  T288]  schedule_hrtimeout_range+0x2a/0x40
[   23.957312][  T288]  do_sys_poll+0xe20/0x12d0
[   23.961654][  T288]  ? poll_select_finish+0x7b0/0x7b0
[   23.966685][  T288]  ? __x64_compat_sys_ppoll_time64+0xd0/0xd0
[   23.972503][  T288]  ? __x64_compat_sys_ppoll_time64+0xd0/0xd0
[   23.978323][  T288]  ? __x64_compat_sys_ppoll_time64+0xd0/0xd0
[   23.984129][  T288]  ? __x64_compat_sys_ppoll_time64+0xd0/0xd0
[   23.989962][  T288]  ? _raw_spin_lock_irqsave+0x210/0x210
[   23.995331][  T288]  ? __kasan_check_write+0x14/0x20
[   24.000275][  T288]  ? recalc_sigpending+0x1a5/0x230
[   24.005224][  T288]  ? _raw_spin_unlock_irq+0x4e/0x70
[   24.010261][  T288]  ? sigprocmask+0x280/0x280
[   24.014690][  T288]  ? set_current_blocked+0x40/0x40
[   24.019636][  T288]  __se_sys_ppoll+0x29c/0x330
[   24.024141][  T288]  ? __x64_sys_ppoll+0xd0/0xd0
[   24.028749][  T288]  __x64_sys_ppoll+0xbf/0xd0
[   24.033168][  T288]  do_syscall_64+0x3d/0xb0
[   24.037423][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   24.043236][  T288] RIP: 0033:0x7f63542a6ad5
[   24.047494][  T288] Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83
[pid   306] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   306] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   306] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   309] <... bpf resumed>)          = 4
[pid   309] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16) = 5
[pid   307] <... bpf resumed>)          = 5
[pid   306] <... bpf resumed>)          = 5
[pid   303] +++ exited with 0 +++
[pid   296] +++ exited with 0 +++
[pid   309] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   306] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=303, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   307] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=296, si_uid=0, si_status=0, si_utime=0, si_stime=24} ---
[pid   309] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   307] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   306] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   309] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   307] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   306] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   309] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   307] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   306] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   309] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   307] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   306] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
./strace-static-x86_64: Process 310 attached
[pid   310] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   309] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   307] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   306] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   295] <... clone resumed>, child_tidptr=0x555555bba750) = 311
./strace-static-x86_64: Process 311 attached
[pid   309] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   307] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   306] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   300] <... clone resumed>, child_tidptr=0x555555bba750) = 310
[pid   309] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   307] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   306] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   311] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   309] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   307] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   306] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   311] <... set_robust_list resumed>) = 0
[pid   309] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   307] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   306] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   309] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   307] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   306] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   311] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   309] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   307] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   306] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   311] <... prctl resumed>)        = 0
[pid   309] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   307] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   309] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   306] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   307] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   311] setpgid(0, 0 <unfinished ...>
[pid   309] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   306] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   311] <... setpgid resumed>)      = 0
[pid   307] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   309] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   306] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   311] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   307] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   310] <... set_robust_list resumed>) = 0
[pid   310] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   310] setpgid(0, 0)               = 0
[pid   310] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   309] <... bpf resumed>)          = 6
[pid   306] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   310] <... openat resumed>)       = 3
[pid   310] write(3, "1000", 4 <unfinished ...>
[pid   307] <... bpf resumed>)          = 6
[pid   310] <... write resumed>)        = 4
[pid   310] close(3)                    = 0
[pid   310] write(1, "executing program\n", 18 <unfinished ...>
[pid   306] <... bpf resumed>)          = 6
[pid   309] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   307] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   306] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   311] <... openat resumed>)       = 3
[pid   311] write(3, "1000", 4)         = 4
[pid   311] close(3)                    = 0
[pid   311] write(1, "executing program\n", 18executing program
) = 18
[pid   311] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   311] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144executing program
 <unfinished ...>
[pid   310] <... write resumed>)        = 18
[pid   311] <... bpf resumed>)          = 4
[pid   310] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   311] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   310] <... bpf resumed>)          = 3
[pid   310] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   310] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   310] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   311] <... bpf resumed>)          = 5
[pid   309] <... bpf resumed>)          = 7
[pid   307] <... bpf resumed>)          = 7
[pid   306] <... bpf resumed>)          = 7
[   24.067026][  T288] RSP: 002b:00007ffd309510f0 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[   24.075269][  T288] RAX: ffffffffffffffda RBX: 00000000000668a0 RCX: 00007f63542a6ad5
[   24.083072][  T288] RDX: 00007ffd30951110 RSI: 0000000000000004 RDI: 000055a0aa846890
[   24.090887][  T288] RBP: 000055a0aa845460 R08: 0000000000000008 R09: 0000000000000000
[   24.098704][  T288] R10: 00007ffd309511f8 R11: 0000000000000246 R12: 000055a0a992daa4
[   24.106511][  T288] R13: 0000000000000001 R14: 000055a0a992e3e8 R15: 00007ffd30951178
[   24.114333][  T288]  </TASK>
[   24.138861][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   24.150316][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   24.157785][  T291] Modules linked in:
[   24.161498][  T291] Preemption disabled at:
[   24.161505][  T291] [<ffffffff81529686>] remove_wait_queue+0x26/0x140
[   24.172211][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   24.183629][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   24.193521][  T291] Call Trace:
[   24.196639][  T291]  <TASK>
[   24.199420][  T291]  dump_stack_lvl+0x151/0x1b7
[   24.203933][  T291]  ? remove_wait_queue+0x26/0x140
[   24.208791][  T291]  ? remove_wait_queue+0x26/0x140
[   24.213654][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   24.219122][  T291]  ? remove_wait_queue+0x26/0x140
[   24.223983][  T291]  dump_stack+0x15/0x17
[   24.227974][  T291]  __schedule_bug+0x195/0x260
[   24.232501][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   24.237607][  T291]  ? kernel_waitid+0x520/0x520
[   24.242205][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   24.247350][  T291]  __schedule+0xd19/0x1590
[   24.251607][  T291]  ? __x64_sys_wait4+0x181/0x1e0
[   24.256391][  T291]  ? bpf_trace_run2+0xf1/0x210
[   24.260976][  T291]  ? __sched_text_start+0x8/0x8
[   24.265663][  T291]  schedule+0x11f/0x1e0
[   24.269656][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   24.274688][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   24.279981][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   24.285369][  T291]  do_syscall_64+0x49/0xb0
[   24.289618][  T291]  ? sysvec_call_function_single+0x52/0xb0
[   24.295261][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   24.300987][  T291] RIP: 0033:0x4d49a6
[   24.304722][  T291] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24
[   24.324444][  T291] RSP: 002b:00007ffec93ef0b8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[pid   311] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   310] <... bpf resumed>)          = 5
[pid   309] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   307] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   306] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   311] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   310] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   309] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   307] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   306] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   311] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   310] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   309] close(-1 <unfinished ...>
[pid   307] close(-1 <unfinished ...>
[   24.332666][  T291] RAX: 0000000000000135 RBX: 0000000000000002 RCX: 00000000004d49a6
[   24.340486][  T291] RDX: 0000000040000001 RSI: 00007ffec93ef0dc RDI: 00000000ffffffff
[   24.348288][  T291] RBP: 0000000001476cf0 R08: 0000000000000000 R09: 0000000000000000
[   24.356101][  T291] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000147d490
[   24.363913][  T291] R13: 0000000000000136 R14: 00007ffec93ef0dc R15: 0000000000617180
[   24.371727][  T291]  </TASK>
[   24.381242][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   24.382281][    C1] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   24.392737][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   24.404099][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   24.404114][  T291] Modules linked in:
[   24.404124][  T291] Preemption disabled at:
[   24.404128][  T291] [<ffffffff81446d39>] __se_sys_ptrace+0x229/0x400
[   24.410510][  T288] Modules linked in:
[   24.410519][  T288] Preemption disabled at:
[   24.410523][  T288] [<ffffffff81459dcb>] __set_current_blocked+0x11b/0x2f0
[   24.410551][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   24.457798][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   24.467700][  T288] Call Trace:
[   24.470848][  T288]  <TASK>
[   24.473595][  T288]  dump_stack_lvl+0x151/0x1b7
[   24.478116][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   24.483405][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   24.488705][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   24.494277][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   24.499548][  T288]  dump_stack+0x15/0x17
[   24.503537][  T288]  __schedule_bug+0x195/0x260
[   24.508065][  T288]  ? __kasan_check_write+0x14/0x20
[   24.513001][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   24.518119][  T288]  ? __set_current_blocked+0x2a5/0x2f0
[   24.523414][  T288]  __schedule+0xd19/0x1590
[   24.527668][  T288]  ? __kasan_check_read+0x11/0x20
[   24.532532][  T288]  ? _copy_to_user+0x78/0x90
[   24.536954][  T288]  ? __sched_text_start+0x8/0x8
[   24.541641][  T288]  ? __se_sys_rt_sigprocmask+0x311/0x380
[   24.547109][  T288]  ? __x64_sys_rt_sigprocmask+0xb0/0xb0
[   24.552493][  T288]  schedule+0x11f/0x1e0
[   24.556484][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   24.561515][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   24.566901][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   24.572277][  T288]  do_syscall_64+0x49/0xb0
[   24.576558][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   24.582262][  T288] RIP: 0033:0x7f635424f773
[   24.586516][  T288] Code: 00 f3 a5 48 8d 74 24 88 48 b9 ff ff ff 7f fe ff ff ff 48 21 c8 48 89 44 24 88 41 ba 08 00 00 00 44 89 c7 b8 0e 00 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 06 41 89 c0 41 f7 d8 44 89 c0 5a c3 41
[   24.606096][  T288] RSP: 002b:00007ffd30951110 EFLAGS: 00000246 ORIG_RAX: 000000000000000e
[   24.614338][  T288] RAX: 0000000000000000 RBX: 0000000000060000 RCX: 00007f635424f773
[   24.622145][  T288] RDX: 00007ffd309511f8 RSI: 00007ffd30951178 RDI: 0000000000000001
[   24.630047][  T288] RBP: 000055a0aa845460 R08: 0000000000000001 R09: 0000000000000000
[   24.637942][  T288] R10: 0000000000000008 R11: 0000000000000246 R12: 000055a0a992daa4
[   24.645752][  T288] R13: 0000000000000018 R14: 000055a0a992e3e8 R15: 00007ffd30951178
[   24.653754][  T288]  </TASK>
[   24.656813][  T291] CPU: 1 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   24.668240][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   24.678129][  T291] Call Trace:
[   24.681255][  T291]  <TASK>
[   24.684034][  T291]  dump_stack_lvl+0x151/0x1b7
[   24.688542][  T291]  ? __se_sys_ptrace+0x229/0x400
[   24.693400][  T291]  ? __se_sys_ptrace+0x229/0x400
[   24.698188][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   24.703644][  T291]  ? __se_sys_ptrace+0x229/0x400
[   24.708522][  T291]  dump_stack+0x15/0x17
[   24.712506][  T291]  __schedule_bug+0x195/0x260
[   24.717017][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   24.722140][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   24.727782][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   24.732833][  T291]  __schedule+0xd19/0x1590
[   24.737070][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   24.742451][  T291]  ? bpf_trace_run2+0xf1/0x210
[   24.747052][  T291]  ? __sched_text_start+0x8/0x8
[   24.751738][  T291]  ? ptrace_check_attach+0x323/0x420
[   24.756894][  T291]  schedule+0x11f/0x1e0
[   24.760855][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   24.765888][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   24.771177][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   24.776560][  T291]  do_syscall_64+0x49/0xb0
[   24.780812][  T291]  ? sysvec_call_function_single+0x52/0xb0
[   24.786452][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   24.792183][  T291] RIP: 0033:0x4e6c1a
[   24.795917][  T291] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c
[   24.815355][  T291] RSP: 002b:00007ffec93eefa0 EFLAGS: 00000206 ORIG_RAX: 0000000000000065
[   24.823603][  T291] RAX: 0000000000000000 RBX: 00000000014752f8 RCX: 00000000004e6c1a
[   24.831412][  T291] RDX: 0000000000000000 RSI: 000000000000012c RDI: 0000000000000018
[pid   306] close(-1 <unfinished ...>
[pid   310] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   309] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   307] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   306] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   310] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   309] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   307] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   310] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   309] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   306] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   311] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   310] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   307] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   311] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   310] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   309] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   307] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   306] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   311] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[   24.839225][  T291] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000000
[   24.847123][  T291] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000001477230
[   24.854934][  T291] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180
[   24.862749][  T291]  </TASK>
[   24.866964][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   24.871286][    C1] softirq: huh, entered softirq 6 TASKLET ffffffff8142f670 with preempt_count 00000103, exited with 00000102?
[   24.878496][   T82] BUG: scheduling while atomic: syslogd/82/0x00000002
[   24.889979][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   24.889994][  T288] Modules linked in:
[   24.890016][  T288] Preemption disabled at:
[   24.890021][  T288] [<ffffffff81459dcb>] __set_current_blocked+0x11b/0x2f0
[   24.890054][  T288] CPU: 1 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   24.890074][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   24.890085][  T288] Call Trace:
[   24.890090][  T288]  <TASK>
[   24.890096][  T288]  dump_stack_lvl+0x151/0x1b7
[   24.890116][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   24.890135][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   24.890155][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   24.890176][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   24.890197][  T288]  dump_stack+0x15/0x17
[   24.890214][  T288]  __schedule_bug+0x195/0x260
[   24.890235][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   24.890255][  T288]  ? bpf_bprintf_cleanup+0x3f/0x60
[   24.890274][  T288]  ? __set_current_blocked+0x2a5/0x2f0
[   24.890297][  T288]  __schedule+0xd19/0x1590
[   24.890318][  T288]  ? __kasan_check_read+0x11/0x20
[   24.890338][  T288]  ? __fdget_pos+0x209/0x3a0
[   24.890356][  T288]  ? __sched_text_start+0x8/0x8
[   24.890374][  T288]  ? ksys_write+0x24f/0x2c0
[   24.890391][  T288]  ? __x64_sys_rt_sigprocmask+0xb0/0xb0
[   24.896959][   T82] Modules linked in:
[   24.903381][  T288]  schedule+0x11f/0x1e0
[   24.903401][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   24.903421][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   24.903440][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   24.903462][  T288]  do_syscall_64+0x49/0xb0
[   24.903481][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   24.907112][   T82] Preemption disabled at:
[   24.907118][   T82] [<ffffffff8165ef0a>] is_module_text_address+0x1a/0x140
[   24.911277][  T288] RIP: 0033:0x7f63542a3bf2
[   24.911295][  T288] Code: 89 c7 48 89 44 24 08 e8 7b 34 fa ff 48 8b 44 24 08 48 83 c4 28 c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 6f 48 8b 15 07 a2 0d 00 f7 d8 64 89 02 48 83
[   25.090779][  T288] RSP: 002b:00007ffd30951108 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   25.099013][  T288] RAX: 000000000000003c RBX: 000000000000003c RCX: 00007f63542a3bf2
[   25.106831][  T288] RDX: 000000000000003c RSI: 000055a0aa85af80 RDI: 0000000000000004
[   25.114725][  T288] RBP: 000055a0aa840460 R08: 0000000000000000 R09: 0000000000000000
[   25.122535][  T288] R10: 0000000000000000 R11: 0000000000000246 R12: 000055a0a992daa4
[   25.130347][  T288] R13: 0000000000000018 R14: 000055a0a992e3e8 R15: 00007ffd30951178
[   25.138165][  T288]  </TASK>
[   25.141025][   T82] CPU: 0 PID: 82 Comm: syslogd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   25.151835][   T82] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   25.161789][   T82] Call Trace:
[   25.164913][   T82]  <TASK>
[   25.167694][   T82]  dump_stack_lvl+0x151/0x1b7
[   25.172289][   T82]  ? is_module_text_address+0x1a/0x140
[   25.177586][   T82]  ? is_module_text_address+0x1a/0x140
[   25.182884][   T82]  ? io_uring_drop_tctx_refs+0x190/0x190
[   25.188351][   T82]  ? is_module_text_address+0x1a/0x140
[   25.193656][   T82]  dump_stack+0x15/0x17
[   25.197637][   T82]  __schedule_bug+0x195/0x260
[   25.202148][   T82]  ? ttwu_queue_wakelist+0x510/0x510
[   25.207279][   T82]  ? do_sys_openat2+0x71c/0x830
[   25.211959][   T82]  __schedule+0xd19/0x1590
[   25.216295][   T82]  ? bpf_trace_run2+0xf1/0x210
[   25.220898][   T82]  ? __sched_text_start+0x8/0x8
[   25.225586][   T82]  ? __x64_sys_openat+0x243/0x290
[   25.230450][   T82]  schedule+0x11f/0x1e0
[   25.234436][   T82]  exit_to_user_mode_loop+0x4d/0xe0
[   25.239470][   T82]  exit_to_user_mode_prepare+0x5a/0xa0
[   25.244853][   T82]  syscall_exit_to_user_mode+0x26/0x160
[   25.250233][   T82]  do_syscall_64+0x49/0xb0
[   25.254486][   T82]  ? sysvec_call_function_single+0x52/0xb0
[   25.260128][   T82]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   25.265857][   T82] RIP: 0033:0x7fe7d518e9a4
[   25.270114][   T82] Code: 24 20 48 8d 44 24 30 48 89 44 24 28 64 8b 04 25 18 00 00 00 85 c0 75 2c 44 89 e2 48 89 ee bf 9c ff ff ff b8 01 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 60 48 8b 15 55 a4 0d 00 f7 d8 64 89 02 48 83
[pid   310] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   307] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   311] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   310] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   309] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   307] write(-1, NULL, 206336 <unfinished ...>
[pid   306] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   311] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   310] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   309] write(-1, NULL, 206336 <unfinished ...>
[pid   307] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   311] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   310] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   309] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   307] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[   25.289551][   T82] RSP: 002b:00007ffde13b3650 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   25.297794][   T82] RAX: 0000000000000003 RBX: 0000559eae6172c0 RCX: 00007fe7d518e9a4
[   25.305606][   T82] RDX: 0000000000000d41 RSI: 00007fe7d532d443 RDI: 00000000ffffff9c
[   25.313417][   T82] RBP: 00007fe7d532d443 R08: 0000000000000001 R09: 0000000000000000
[   25.321315][   T82] R10: 00000000000001b6 R11: 0000000000000246 R12: 0000000000000d41
[   25.329129][   T82] R13: 00000000664c2533 R14: 0000000000000003 R15: 0000559eae617410
[   25.337117][   T82]  </TASK>
[pid   311] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   310] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   309] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   307] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   311] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   310] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   309] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   307] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   311] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[   25.340921][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   25.347582][    C1] softirq: huh, entered softirq 6 TASKLET ffffffff8142f670 with preempt_count 00000103, exited with 00000102?
[   25.353230][    T1] BUG: scheduling while atomic: init/1/0x00000002
[   25.363942][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   25.370091][    T1] Modules linked in:
[   25.376414][  T288] Modules linked in:
[   25.376416][    T1] 
[   25.376422][    T1] Preemption disabled at:
[   25.376427][    T1] [<ffffffff8165ef0a>] is_module_text_address+0x1a/0x140
[   25.380186][  T288] 
[   25.383881][    T1] CPU: 0 PID: 1 Comm: init Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   25.386048][  T288] Preemption disabled at:
[   25.386054][  T288] [<ffffffff81459dcb>] __set_current_blocked+0x11b/0x2f0
[   25.390256][    T1] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   25.390269][    T1] Call Trace:
[   25.390275][    T1]  <TASK>
[   25.390282][    T1]  dump_stack_lvl+0x151/0x1b7
[   25.440911][    T1]  ? is_module_text_address+0x1a/0x140
[   25.446197][    T1]  ? is_module_text_address+0x1a/0x140
[   25.451501][    T1]  ? io_uring_drop_tctx_refs+0x190/0x190
[   25.456963][    T1]  ? is_module_text_address+0x1a/0x140
[   25.462258][    T1]  dump_stack+0x15/0x17
[   25.466281][    T1]  __schedule_bug+0x195/0x260
[   25.470762][    T1]  ? ttwu_queue_wakelist+0x510/0x510
[   25.475880][    T1]  ? avc_has_perm_noaudit+0x2dd/0x430
[   25.481090][    T1]  __schedule+0xd19/0x1590
[   25.485518][    T1]  ? __kmalloc_track_caller+0x139/0x260
[   25.490907][    T1]  ? __sched_text_start+0x8/0x8
[   25.495586][    T1]  schedule+0x11f/0x1e0
[   25.499581][    T1]  schedule_timeout+0xa9/0x370
[   25.504177][    T1]  ? __kasan_check_write+0x14/0x20
[   25.509126][    T1]  ? _copy_from_iter+0x34d/0xdc0
[   25.513906][    T1]  ? console_conditional_schedule+0x30/0x30
[   25.519716][    T1]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   25.525353][    T1]  ? prepare_to_wait_exclusive+0x1ac/0x1f0
[   25.530995][    T1]  unix_wait_for_peer+0x24b/0x330
[   25.535859][    T1]  ? unix_find_other+0x860/0x860
[   25.540631][    T1]  ? io_schedule+0x120/0x120
[   25.545061][    T1]  ? _raw_spin_trylock_bh+0x190/0x190
[   25.550264][    T1]  ? security_unix_may_send+0x7b/0xa0
[   25.555475][    T1]  unix_dgram_sendmsg+0x143f/0x2090
[   25.560599][    T1]  ? unix_dgram_poll+0x710/0x710
[   25.565366][    T1]  ? security_socket_sendmsg+0x82/0xb0
[   25.570744][    T1]  ? unix_dgram_poll+0x710/0x710
[   25.575518][    T1]  __sys_sendto+0x564/0x720
[   25.579858][    T1]  ? __ia32_sys_getpeername+0x90/0x90
[   25.585067][    T1]  ? bpf_trace_run2+0xf1/0x210
[   25.589672][    T1]  ? __bpf_trace_sys_enter+0x62/0x70
[   25.594792][    T1]  __x64_sys_sendto+0xe5/0x100
[   25.599477][    T1]  do_syscall_64+0x3d/0xb0
[   25.603730][    T1]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   25.609455][    T1] RIP: 0033:0x7f448618a9b5
[   25.613715][    T1] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83
[   25.633238][    T1] RSP: 002b:00007ffe0e200da8 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   25.641484][    T1] RAX: ffffffffffffffda RBX: 0000000000000002 RCX: 00007f448618a9b5
[   25.649300][    T1] RDX: 000000000000006c RSI: 000056003e50c3f0 RDI: 0000000000000003
[   25.657108][    T1] RBP: 000056003e50a560 R08: 0000000000000000 R09: 0000000000000000
[   25.664916][    T1] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000014
[   25.672730][    T1] R13: 00007f4486318212 R14: 00007ffe0e200ea8 R15: 0000000000000000
[   25.680556][    T1]  </TASK>
[   25.683417][  T288] CPU: 1 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   25.694084][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   25.703974][  T288] Call Trace:
[   25.707098][  T288]  <TASK>
[   25.709878][  T288]  dump_stack_lvl+0x151/0x1b7
[   25.714390][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   25.719688][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   25.724978][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   25.730533][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   25.735831][  T288]  dump_stack+0x15/0x17
[   25.739818][  T288]  __schedule_bug+0x195/0x260
[   25.744336][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   25.749456][  T288]  ? bpf_bprintf_cleanup+0x1a/0x60
[   25.754513][  T288]  ? __set_current_blocked+0x2a5/0x2f0
[   25.759898][  T288]  __schedule+0xd19/0x1590
[   25.764150][  T288]  ? __kasan_check_read+0x11/0x20
[   25.769037][  T288]  ? __fdget_pos+0x209/0x3a0
[   25.773439][  T288]  ? __sched_text_start+0x8/0x8
[   25.778169][  T288]  ? ksys_write+0x24f/0x2c0
[   25.782463][  T288]  ? __x64_sys_rt_sigprocmask+0xb0/0xb0
[   25.787845][  T288]  schedule+0x11f/0x1e0
[   25.791837][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   25.796875][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   25.802182][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   25.807547][  T288]  do_syscall_64+0x49/0xb0
[   25.812027][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   25.817785][  T288] RIP: 0033:0x7f63542a3bf2
[   25.822004][  T288] Code: 89 c7 48 89 44 24 08 e8 7b 34 fa ff 48 8b 44 24 08 48 83 c4 28 c3 c3 64 8b 04 25 18 00 00 00 85 c0 75 20 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 6f 48 8b 15 07 a2 0d 00 f7 d8 64 89 02 48 83
[pid   310] ioctl(-1, FIOASYNC, NULLexecuting program
 <unfinished ...>
[pid   309] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   307] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   311] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   310] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   306] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   306] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   306] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   306] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   306] exit_group(0)               = ?
[pid   306] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=306, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bba750) = 313
./strace-static-x86_64: Process 313 attached
[pid   313] set_robust_list(0x555555bba760, 24) = 0
[pid   313] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   313] setpgid(0, 0)               = 0
[pid   313] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   313] write(3, "1000", 4)         = 4
[pid   313] close(3)                    = 0
[pid   313] write(1, "executing program\n", 18) = 18
[pid   313] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   313] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   313] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   311] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   310] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   309] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   307] exit_group(0 <unfinished ...>
[   25.841438][  T288] RSP: 002b:00007ffd30951108 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   25.849688][  T288] RAX: 000000000000005c RBX: 000000000000005c RCX: 00007f63542a3bf2
[   25.857495][  T288] RDX: 000000000000005c RSI: 000055a0aa85af80 RDI: 0000000000000004
[   25.865480][  T288] RBP: 000055a0aa840460 R08: 0000000000000000 R09: 0000000000000000
[   25.873293][  T288] R10: 0000000000000000 R11: 0000000000000246 R12: 000055a0a992daa4
[   25.881105][  T288] R13: 0000000000000019 R14: 000055a0a992e3e8 R15: 00007ffd30951178
[   25.889010][  T288]  </TASK>
[   25.893837][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   25.895336][    C1] softirq: huh, entered softirq 6 TASKLET ffffffff8142f670 with preempt_count 00000103, exited with 00000102?
[   25.905423][   T89] BUG: scheduling while atomic: klogd/89/0x00000002
[   25.916701][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   25.916716][  T291] Modules linked in:
[   25.916725][  T291] Preemption disabled at:
[   25.916729][  T291] [<ffffffff81bccae9>] pipe_write+0x1429/0x1930
[   25.916758][  T291] CPU: 1 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   25.916778][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   25.916789][  T291] Call Trace:
[   25.916794][  T291]  <TASK>
[   25.916800][  T291]  dump_stack_lvl+0x151/0x1b7
[   25.916821][  T291]  ? pipe_write+0x1429/0x1930
[   25.916838][  T291]  ? pipe_write+0x1429/0x1930
[   25.916856][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   25.923369][   T89] Modules linked in:
[   25.930792][  T291]  ? pipe_write+0x1429/0x1930
[   25.934518][   T89] 
[   25.934524][   T89] Preemption disabled at:
[   25.938687][  T291]  dump_stack+0x15/0x17
[   25.938706][  T291]  __schedule_bug+0x195/0x260
[   25.944760][   T89] [<ffffffff8165ef0a>] is_module_text_address+0x1a/0x140
[   25.956220][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   25.956241][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   26.031937][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   26.036973][  T291]  __schedule+0xd19/0x1590
[   26.041222][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   26.046602][  T291]  ? bpf_trace_run2+0xf1/0x210
[   26.051201][  T291]  ? __sched_text_start+0x8/0x8
[   26.055889][  T291]  ? ptrace_check_attach+0x323/0x420
[   26.061011][  T291]  schedule+0x11f/0x1e0
[   26.065002][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   26.070036][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   26.075330][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   26.080711][  T291]  do_syscall_64+0x49/0xb0
[   26.084961][  T291]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[   26.090608][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   26.096336][  T291] RIP: 0033:0x4e6c1a
[   26.100071][  T291] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c
[   26.119769][  T291] RSP: 002b:00007ffec93eefa0 EFLAGS: 00000206 ORIG_RAX: 0000000000000065
[   26.128275][  T291] RAX: 0000000000000000 RBX: 00000000014752f8 RCX: 00000000004e6c1a
[   26.136088][  T291] RDX: 0000000000000000 RSI: 0000000000000139 RDI: 0000000000000018
[   26.144068][  T291] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000002
[   26.151965][  T291] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000001477380
[   26.159778][  T291] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180
[   26.167596][  T291]  </TASK>
[   26.170457][   T89] CPU: 0 PID: 89 Comm: klogd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   26.180958][   T89] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   26.190938][   T89] Call Trace:
[   26.194082][   T89]  <TASK>
[   26.196839][   T89]  dump_stack_lvl+0x151/0x1b7
[   26.201439][   T89]  ? is_module_text_address+0x1a/0x140
[   26.206732][   T89]  ? is_module_text_address+0x1a/0x140
[   26.212028][   T89]  ? io_uring_drop_tctx_refs+0x190/0x190
[   26.217646][   T89]  ? is_module_text_address+0x1a/0x140
[   26.222879][   T89]  dump_stack+0x15/0x17
[   26.226870][   T89]  __schedule_bug+0x195/0x260
[   26.231381][   T89]  ? ttwu_queue_wakelist+0x510/0x510
[   26.236678][   T89]  ? avc_has_perm_noaudit+0x2dd/0x430
[   26.241891][   T89]  __schedule+0xd19/0x1590
[   26.246144][   T89]  ? __kmalloc_track_caller+0x139/0x260
[   26.251519][   T89]  ? __sched_text_start+0x8/0x8
[   26.256211][   T89]  schedule+0x11f/0x1e0
[   26.260374][   T89]  schedule_timeout+0xa9/0x370
[   26.265067][   T89]  ? __kasan_check_write+0x14/0x20
[   26.270006][   T89]  ? _copy_from_iter+0x34d/0xdc0
[   26.274781][   T89]  ? console_conditional_schedule+0x30/0x30
[   26.280507][   T89]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   26.286238][   T89]  ? prepare_to_wait_exclusive+0x1ac/0x1f0
[   26.291881][   T89]  unix_wait_for_peer+0x24b/0x330
[   26.296741][   T89]  ? unix_find_other+0x860/0x860
[   26.301511][   T89]  ? io_schedule+0x120/0x120
[   26.305941][   T89]  ? _raw_spin_trylock_bh+0x190/0x190
[   26.311147][   T89]  ? security_unix_may_send+0x7b/0xa0
[   26.316355][   T89]  unix_dgram_sendmsg+0x143f/0x2090
[   26.321394][   T89]  ? unix_dgram_poll+0x710/0x710
[   26.326163][   T89]  ? security_socket_sendmsg+0x82/0xb0
[   26.331455][   T89]  ? unix_dgram_poll+0x710/0x710
[   26.336232][   T89]  __sys_sendto+0x564/0x720
[   26.340572][   T89]  ? __ia32_sys_getpeername+0x90/0x90
[   26.345780][   T89]  ? bpf_trace_run2+0xf1/0x210
[   26.350385][   T89]  ? __bpf_trace_sys_enter+0x62/0x70
[   26.355500][   T89]  __x64_sys_sendto+0xe5/0x100
[   26.360101][   T89]  do_syscall_64+0x3d/0xb0
[   26.364352][   T89]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   26.370079][   T89] RIP: 0033:0x7f83469149b5
[   26.374335][   T89] Code: 8b 44 24 08 48 83 c4 28 48 98 c3 48 98 c3 41 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 26 45 31 c9 45 31 c0 b8 2c 00 00 00 0f 05 <48> 3d 00 f0 ff ff 76 7a 48 8b 15 44 c4 0c 00 f7 d8 64 89 02 48 83
[pid   313] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16) = 5
[pid   311] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   309] exit_group(0 <unfinished ...>
[pid   307] <... exit_group resumed>)   = ?
[pid   313] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   311] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   313] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   313] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   307] +++ exited with 0 +++
[pid   313] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=307, si_uid=0, si_status=0, si_utime=0, si_stime=22} ---
[pid   313] recvmsg(-1, NULL, MSG_OOB)  = -1 EBADF (Bad file descriptor)
[pid   313] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   313] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   313] socketpair(AF_UNIX, SOCK_STREAM, 0, NULL) = -1 EFAULT (Bad address)
[pid   313] ioctl(-1, FIOASYNC, NULL)   = -1 EBADF (Bad file descriptor)
[pid   313] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 6
[pid   311] <... bpf resumed>)          = 6
[pid   310] <... bpf resumed>)          = 6
[pid   309] <... exit_group resumed>)   = ?
[pid   313] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16) = 7
[pid   311] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   310] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   313] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 314 attached
 <unfinished ...>
[   26.393779][   T89] RSP: 002b:00007fff03a47e68 EFLAGS: 00000246 ORIG_RAX: 000000000000002c
[   26.402018][   T89] RAX: ffffffffffffffda RBX: 0000000000000000 RCX: 00007f83469149b5
[   26.409830][   T89] RDX: 000000000000005b RSI: 0000559969ce80f0 RDI: 0000000000000003
[   26.417648][   T89] RBP: 0000559969ce22c0 R08: 0000000000000000 R09: 0000000000000000
[   26.425450][   T89] R10: 0000000000004000 R11: 0000000000000246 R12: 0000000000000013
[   26.433264][   T89] R13: 00007f8346aa2212 R14: 00007fff03a47f68 R15: 0000000000000000
[   26.441089][   T89]  </TASK>
[   26.458736][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   26.470334][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   26.476739][  T288] Modules linked in:
[   26.480471][  T288] Preemption disabled at:
[   26.480480][  T288] [<ffffffff81459dcb>] __set_current_blocked+0x11b/0x2f0
[   26.491503][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   26.501974][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   26.511871][  T288] Call Trace:
[   26.514995][  T288]  <TASK>
[   26.517772][  T288]  dump_stack_lvl+0x151/0x1b7
[   26.522280][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   26.527572][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   26.532869][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   26.538337][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   26.543632][  T288]  dump_stack+0x15/0x17
[   26.547627][  T288]  __schedule_bug+0x195/0x260
[   26.552137][  T288]  ? __kasan_check_write+0x14/0x20
[   26.557085][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   26.562201][  T288]  ? __set_current_blocked+0x2a5/0x2f0
[   26.567500][  T288]  __schedule+0xd19/0x1590
[   26.571754][  T288]  ? __kasan_check_read+0x11/0x20
[   26.576610][  T288]  ? _copy_to_user+0x78/0x90
[   26.581038][  T288]  ? __sched_text_start+0x8/0x8
[   26.585725][  T288]  ? __se_sys_rt_sigprocmask+0x311/0x380
[   26.591205][  T288]  ? __x64_sys_rt_sigprocmask+0xb0/0xb0
[   26.596591][  T288]  schedule+0x11f/0x1e0
[   26.600653][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   26.605688][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   26.610992][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   26.616364][  T288]  do_syscall_64+0x49/0xb0
[   26.620617][  T288]  ? sysvec_call_function_single+0x52/0xb0
[   26.626259][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   26.631984][  T288] RIP: 0033:0x7f635424f773
[   26.636240][  T288] Code: 00 f3 a5 48 8d 74 24 88 48 b9 ff ff ff 7f fe ff ff ff 48 21 c8 48 89 44 24 88 41 ba 08 00 00 00 44 89 c7 b8 0e 00 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 06 41 89 c0 41 f7 d8 44 89 c0 5a c3 41
[pid   313] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   311] <... bpf resumed>)          = 7
[pid   310] <... bpf resumed>)          = 7
[pid   309] +++ exited with 0 +++
[pid   314] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   313] close(-1 <unfinished ...>
[pid   311] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   310] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=309, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   311] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   310] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   311] close(-1 <unfinished ...>
[pid   310] close(-1 <unfinished ...>
[pid   311] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   310] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   311] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   310] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   311] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   310] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   311] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   310] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   311] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   310] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   311] write(-1, NULL, 206336 <unfinished ...>
[pid   310] write(-1, NULL, 206336 <unfinished ...>
[pid   311] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   310] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   311] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   310] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   311] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   310] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   311] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   310] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   298] <... clone resumed>, child_tidptr=0x555555bba750) = 315
[pid   311] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   310] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   311] exit_group(0 <unfinished ...>
[pid   310] exit_group(0 <unfinished ...>
[pid   311] <... exit_group resumed>)   = ?
[pid   310] <... exit_group resumed>)   = ?
[pid   311] +++ exited with 0 +++
./strace-static-x86_64: Process 315 attached
[pid   315] set_robust_list(0x555555bba760, 24) = 0
[pid   315] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   315] setpgid(0, 0)               = 0
[pid   315] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   315] write(3, "1000", 4)         = 4
[pid   315] close(3)                    = 0
[pid   315] write(1, "executing program\n", 18) = 18
[pid   315] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   315] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   315] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   315] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   297] <... clone resumed>, child_tidptr=0x555555bba750) = 314
[pid   295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=311, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bba750) = 316
[pid   314] <... set_robust_list resumed>) = 0
[pid   314] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   314] setpgid(0, 0)               = 0
[pid   314] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   314] write(3, "1000", 4)         = 4
[pid   314] close(3)                    = 0
[pid   314] write(1, "executing program\n", 18) = 18
[pid   314] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   314] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   314] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144executing program
executing program
./strace-static-x86_64: Process 316 attached
 <unfinished ...>
[pid   313] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   316] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   313] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   316] <... set_robust_list resumed>) = 0
[pid   313] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   316] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   313] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   316] <... prctl resumed>)        = 0
[pid   313] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   316] setpgid(0, 0 <unfinished ...>
[pid   313] write(-1, NULL, 206336 <unfinished ...>
[pid   316] <... setpgid resumed>)      = 0
[pid   313] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   316] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   313] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   316] <... openat resumed>)       = 3
[pid   313] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   316] write(3, "1000", 4 <unfinished ...>
[pid   313] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   316] <... write resumed>)        = 4
[pid   313] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   316] close(3 <unfinished ...>
[   26.655682][  T288] RSP: 002b:00007ffd30951110 EFLAGS: 00000246 ORIG_RAX: 000000000000000e
[   26.663925][  T288] RAX: 0000000000000000 RBX: 0000000000060000 RCX: 00007f635424f773
[   26.671745][  T288] RDX: 00007ffd309511f8 RSI: 00007ffd30951178 RDI: 0000000000000001
[   26.679545][  T288] RBP: 000055a0aa845460 R08: 0000000000000001 R09: 0000000000000000
[   26.687360][  T288] R10: 0000000000000008 R11: 0000000000000246 R12: 000055a0a992daa4
[   26.695169][  T288] R13: 000000000000001a R14: 000055a0a992e3e8 R15: 00007ffd30951178
[   26.703120][  T288]  </TASK>
[   26.714339][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   26.725780][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   26.732238][  T288] Modules linked in:
[   26.735961][  T288] Preemption disabled at:
[   26.735969][  T288] [<ffffffff81bcac33>] pipe_read+0x5b3/0x1040
[   26.746035][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   26.756536][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   26.766427][  T288] Call Trace:
[   26.769554][  T288]  <TASK>
[   26.772329][  T288]  dump_stack_lvl+0x151/0x1b7
[   26.776845][  T288]  ? pipe_read+0x5b3/0x1040
[   26.781182][  T288]  ? pipe_read+0x5b3/0x1040
[   26.785523][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   26.790987][  T288]  ? pipe_read+0x5b3/0x1040
[   26.795335][  T288]  dump_stack+0x15/0x17
[   26.799317][  T288]  __schedule_bug+0x195/0x260
[   26.803832][  T288]  ? bpf_bprintf_cleanup+0x4f/0x60
[   26.808778][  T288]  ? bpf_trace_printk+0x1be/0x300
[   26.813647][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   26.818871][  T288]  ? bpf_probe_write_user+0xf0/0xf0
[   26.823905][  T288]  ? __set_current_blocked+0x2a5/0x2f0
[   26.829204][  T288]  __schedule+0xd19/0x1590
[   26.833548][  T288]  ? __sched_text_start+0x8/0x8
[   26.838229][  T288]  ? bpf_trace_run2+0xf1/0x210
[   26.842829][  T288]  ? bpf_trace_run1+0x1c0/0x1c0
[   26.847528][  T288]  schedule+0x11f/0x1e0
[   26.851514][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   26.856544][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   26.861847][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   26.867225][  T288]  do_syscall_64+0x49/0xb0
[   26.871487][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   26.877293][  T288] RIP: 0033:0x7f635428a587
[   26.881550][  T288] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 b9 01 00 00 00 e9 12 fe ff ff 31 c9 e9 0b fe ff ff 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 0f 05 <c3> 0f 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84 00 00
[   26.900993][  T288] RSP: 002b:00007ffd3094c948 EFLAGS: 00000246 ORIG_RAX: 0000000000000027
[pid   313] exit_group(0 <unfinished ...>
[pid   316] <... close resumed>)        = 0
[pid   313] <... exit_group resumed>)   = ?
executing program
[pid   316] write(1, "executing program\n", 18 <unfinished ...>
[pid   314] <... bpf resumed>)          = 4
[pid   314] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   316] <... write resumed>)        = 18
[pid   316] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   316] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   316] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   316] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   315] <... bpf resumed>)          = 5
[pid   310] +++ exited with 0 +++
[pid   316] <... bpf resumed>)          = 5
[pid   315] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   314] <... bpf resumed>)          = 5
[pid   313] +++ exited with 0 +++
[pid   300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=310, si_uid=0, si_status=0, si_utime=0, si_stime=26} ---
[pid   316] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   315] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   314] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   316] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   315] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   314] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=313, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid   316] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   315] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   314] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   316] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   315] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   314] recvmsg(-1, NULL, 0./strace-static-x86_64: Process 320 attached
./strace-static-x86_64: Process 319 attached
 <unfinished ...>
[pid   316] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   315] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   314] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   301] <... clone resumed>, child_tidptr=0x555555bba750) = 320
[pid   300] <... clone resumed>, child_tidptr=0x555555bba750) = 319
[pid   320] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   319] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   316] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   315] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   314] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   320] <... set_robust_list resumed>) = 0
[pid   319] <... set_robust_list resumed>) = 0
[pid   316] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   315] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   314] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   316] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   315] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   314] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   319] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   316] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   315] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   314] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   320] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   319] <... prctl resumed>)        = 0
[pid   316] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   315] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   314] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   320] setpgid(0, 0 <unfinished ...>
[pid   319] setpgid(0, 0 <unfinished ...>
[pid   316] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   315] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   314] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   320] <... setpgid resumed>)      = 0
[pid   319] <... setpgid resumed>)      = 0
[pid   316] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   315] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   314] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   316] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   315] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   316] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   315] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   314] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   316] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   315] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   314] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   320] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   319] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   316] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73executing program
executing program
 <unfinished ...>
[pid   314] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   314] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   315] <... bpf resumed>)          = 6
[pid   319] <... openat resumed>)       = 3
[pid   320] <... openat resumed>)       = 3
[pid   316] <... bpf resumed>)          = 6
[pid   315] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   314] <... bpf resumed>)          = 6
[pid   320] write(3, "1000", 4 <unfinished ...>
[pid   319] write(3, "1000", 4 <unfinished ...>
[pid   316] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   320] <... write resumed>)        = 4
[pid   319] <... write resumed>)        = 4
[pid   320] close(3 <unfinished ...>
[pid   319] close(3)                    = 0
[pid   320] <... close resumed>)        = 0
[pid   314] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   320] write(1, "executing program\n", 18 <unfinished ...>
[pid   319] write(1, "executing program\n", 18 <unfinished ...>
[pid   320] <... write resumed>)        = 18
[pid   319] <... write resumed>)        = 18
[pid   319] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   320] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   319] <... bpf resumed>)          = 3
[pid   319] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   320] <... bpf resumed>)          = 3
[pid   319] <... bpf resumed>)          = 0
[pid   319] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   320] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   320] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   319] <... bpf resumed>)          = 4
[pid   319] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   320] <... bpf resumed>)          = 4
[pid   320] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   315] <... bpf resumed>)          = 7
[pid   316] <... bpf resumed>)          = 7
[pid   319] <... bpf resumed>)          = 5
[pid   315] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   314] <... bpf resumed>)          = 7
[pid   319] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   316] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   315] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   314] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   319] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   316] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   315] close(-1 <unfinished ...>
[pid   314] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   319] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   316] close(-1 <unfinished ...>
[pid   315] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   314] close(-1 <unfinished ...>
[pid   319] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   316] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   315] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   314] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   319] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   316] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   315] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   314] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   319] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   316] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   315] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   314] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   319] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   316] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   315] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   314] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   319] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   316] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   315] write(-1, NULL, 206336 <unfinished ...>
[pid   314] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   319] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   316] write(-1, NULL, 206336 <unfinished ...>
[pid   315] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   314] write(-1, NULL, 206336 <unfinished ...>
[pid   319] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   316] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   315] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   314] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   319] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   316] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   315] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   314] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   319] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   316] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   315] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   314] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   319] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   316] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   315] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   314] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   319] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   316] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   315] exit_group(0 <unfinished ...>
[pid   314] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   319] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   316] exit_group(0 <unfinished ...>
[pid   315] <... exit_group resumed>)   = ?
[pid   314] exit_group(0 <unfinished ...>
[pid   319] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   316] <... exit_group resumed>)   = ?
[pid   320] <... bpf resumed>)          = 5
[pid   315] +++ exited with 0 +++
[pid   320] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   314] <... exit_group resumed>)   = ?
[pid   320] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=315, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   320] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   320] recvmsg(-1, NULL, 0 <unfinished ...>
[   26.909315][  T288] RAX: 0000000000000120 RBX: 0000000000000000 RCX: 00007f635428a587
[   26.917131][  T288] RDX: 000000000000085c RSI: 000055a0a9939480 RDI: 000055a0a9936937
[   26.925112][  T288] RBP: 000055a0a9937856 R08: 0000000000000006 R09: 0000000000000000
[   26.932933][  T288] R10: 000055a0a9937856 R11: 0000000000000246 R12: 000055a0a9936937
[   26.940737][  T288] R13: 000055a0a9939480 R14: 000055a0a9939480 R15: 00007ffd3094ced0
[   26.948553][  T288]  </TASK>
[   26.977750][    C1] softirq: huh, entered softirq 9 RCU ffffffff815cac40 with preempt_count 00000103, exited with 00000102?
[   26.988916][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   26.996457][  T291] Modules linked in:
[   27.000255][  T291] Preemption disabled at:
[   27.000263][  T291] [<ffffffff81529686>] remove_wait_queue+0x26/0x140
[   27.011049][  T291] CPU: 1 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   27.022426][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   27.032435][  T291] Call Trace:
[   27.035556][  T291]  <TASK>
[   27.038335][  T291]  dump_stack_lvl+0x151/0x1b7
[   27.042848][  T291]  ? remove_wait_queue+0x26/0x140
[   27.047711][  T291]  ? remove_wait_queue+0x26/0x140
[   27.052568][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   27.058556][  T291]  ? remove_wait_queue+0x26/0x140
[   27.063417][  T291]  dump_stack+0x15/0x17
[   27.067415][  T291]  __schedule_bug+0x195/0x260
[   27.071956][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   27.077040][  T291]  ? kernel_waitid+0x520/0x520
[   27.081644][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   27.086676][  T291]  __schedule+0xd19/0x1590
[   27.090931][  T291]  ? __x64_sys_wait4+0x181/0x1e0
[   27.095703][  T291]  ? bpf_trace_run2+0xf1/0x210
[   27.100304][  T291]  ? __sched_text_start+0x8/0x8
[   27.104989][  T291]  schedule+0x11f/0x1e0
[   27.108982][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   27.114104][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   27.119396][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   27.124778][  T291]  do_syscall_64+0x49/0xb0
[   27.129142][  T291]  ? sysvec_call_function_single+0x52/0xb0
[   27.134759][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   27.140487][  T291] RIP: 0033:0x4d49a6
[   27.144221][  T291] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24
[   27.163664][  T291] RSP: 002b:00007ffec93ef0b8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[pid   298] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   320] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   319] <... bpf resumed>)          = 6
[pid   316] +++ exited with 0 +++
[pid   314] +++ exited with 0 +++
[pid   298] <... restart_syscall resumed>) = 0
[pid   320] recvmsg(-1, NULL, MSG_OOB)  = -1 EBADF (Bad file descriptor)
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=314, si_uid=0, si_status=0, si_utime=0, si_stime=20} ---
[pid   295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=316, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   320] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   320] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   320] socketpair(AF_UNIX, SOCK_STREAM, 0, NULL) = -1 EFAULT (Bad address)
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   320] ioctl(-1, FIOASYNC, NULL)   = -1 EBADF (Bad file descriptor)
[pid   320] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73./strace-static-x86_64: Process 321 attached
 <unfinished ...>
[pid   319] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   321] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   319] <... bpf resumed>)          = 7
[pid   298] <... clone resumed>, child_tidptr=0x555555bba750) = 321
[pid   321] <... set_robust_list resumed>) = 0
[pid   320] <... bpf resumed>)          = 6
[pid   319] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   321] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   320] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   319] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 322 attached
./strace-static-x86_64: Process 323 attached
 <unfinished ...>
[pid   321] <... prctl resumed>)        = 0
[pid   320] <... bpf resumed>)          = 7
[pid   319] close(-1 <unfinished ...>
[   27.171905][  T291] RAX: 000000000000012c RBX: 0000000000000002 RCX: 00000000004d49a6
[   27.180008][  T291] RDX: 0000000040000001 RSI: 00007ffec93ef0dc RDI: 00000000ffffffff
[   27.187819][  T291] RBP: 00000000014774d0 R08: 0000000000000000 R09: 0000000000000000
[   27.195638][  T291] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000147d490
[   27.203437][  T291] R13: 000000000000012d R14: 00007ffec93ef0dc R15: 0000000000617180
[   27.211259][  T291]  </TASK>
[   27.222689][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   27.234123][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   27.241769][  T291] Modules linked in:
[   27.245478][  T291] Preemption disabled at:
[   27.245484][  T291] [<ffffffff81bccae9>] pipe_write+0x1429/0x1930
[   27.255734][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   27.267185][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   27.277085][  T291] Call Trace:
[   27.280201][  T291]  <TASK>
[   27.282975][  T291]  dump_stack_lvl+0x151/0x1b7
[   27.287486][  T291]  ? pipe_write+0x1429/0x1930
[   27.291999][  T291]  ? pipe_write+0x1429/0x1930
[   27.296513][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   27.301983][  T291]  ? pipe_write+0x1429/0x1930
[   27.306495][  T291]  dump_stack+0x15/0x17
[   27.310487][  T291]  __schedule_bug+0x195/0x260
[   27.315000][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   27.320120][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   27.325763][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   27.330799][  T291]  __schedule+0xd19/0x1590
[   27.335054][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   27.340431][  T291]  ? bpf_trace_run2+0xf1/0x210
[   27.345030][  T291]  ? __sched_text_start+0x8/0x8
[   27.349719][  T291]  ? ptrace_check_attach+0x323/0x420
[   27.354839][  T291]  schedule+0x11f/0x1e0
[   27.358928][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   27.363954][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   27.369246][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   27.374628][  T291]  do_syscall_64+0x49/0xb0
[   27.378882][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   27.384615][  T291] RIP: 0033:0x4e6c1a
[   27.388345][  T291] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c
[   27.407786][  T291] RSP: 002b:00007ffec93eefa0 EFLAGS: 00000206 ORIG_RAX: 0000000000000065
[   27.416027][  T291] RAX: 0000000000000000 RBX: 00000000014752f8 RCX: 00000000004e6c1a
[pid   321] setpgid(0, 0 <unfinished ...>
[pid   319] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   297] <... clone resumed>, child_tidptr=0x555555bba750) = 322
[pid   295] <... clone resumed>, child_tidptr=0x555555bba750) = 323
[pid   323] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   322] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   321] <... setpgid resumed>)      = 0
[pid   320] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   319] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   320] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   319] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   321] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   320] close(-1 <unfinished ...>
[pid   319] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   319] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   319] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   319] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[   27.423839][  T291] RDX: 0000000000000000 RSI: 0000000000000141 RDI: 0000000000000018
[   27.431656][  T291] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000001
[   27.439467][  T291] R10: 0000000000000000 R11: 0000000000000206 R12: 00000000014770e0
[   27.447296][  T291] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180
[   27.455091][  T291]  </TASK>
[   27.461084][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000102, exited with 00000101?
[   27.472557][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   27.480139][  T291] Modules linked in:
[   27.483929][  T291] Preemption disabled at:
[   27.483934][  T291] [<ffffffff81446d39>] __se_sys_ptrace+0x229/0x400
[   27.494447][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   27.505889][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   27.515786][  T291] Call Trace:
[   27.518926][  T291]  <TASK>
[   27.521693][  T291]  dump_stack_lvl+0x151/0x1b7
[   27.526200][  T291]  ? __se_sys_ptrace+0x229/0x400
[   27.530973][  T291]  ? __se_sys_ptrace+0x229/0x400
[   27.535746][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   27.541224][  T291]  ? __se_sys_ptrace+0x229/0x400
[   27.545986][  T291]  dump_stack+0x15/0x17
[   27.550095][  T291]  __schedule_bug+0x195/0x260
[   27.554509][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   27.559615][  T291]  ? bpf_bprintf_cleanup+0x1a/0x60
[   27.564562][  T291]  __schedule+0xd19/0x1590
[   27.568813][  T291]  ? __kasan_check_read+0x11/0x20
[   27.573674][  T291]  ? __fdget_pos+0x209/0x3a0
[   27.578098][  T291]  ? __sched_text_start+0x8/0x8
[   27.582785][  T291]  ? ksys_write+0x24f/0x2c0
[   27.587162][  T291]  schedule+0x11f/0x1e0
[   27.591118][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   27.596154][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   27.601447][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   27.606827][  T291]  do_syscall_64+0x49/0xb0
[   27.611080][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   27.616813][  T291] RIP: 0033:0x4e5c73
[   27.620554][  T291] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18
[   27.640258][  T291] RSP: 002b:00007ffec93eeef8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   27.648501][  T291] RAX: 0000000000000021 RBX: 0000000000000021 RCX: 00000000004e5c73
[   27.656311][  T291] RDX: 0000000000000021 RSI: 0000000001478000 RDI: 0000000000000002
[   27.664125][  T291] RBP: 0000000001478000 R08: 00000000ffffffff R09: 000000000000001e
[   27.671934][  T291] R10: 000000000058f592 R11: 0000000000000246 R12: 0000000000000021
[pid   323] <... set_robust_list resumed>) = 0
[pid   322] <... set_robust_list resumed>) = 0
[pid   321] <... openat resumed>)       = 3
[pid   320] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   319] exit_group(0 <unfinished ...>
[pid   322] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   321] write(3, "1000", 4 <unfinished ...>
[pid   320] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   319] <... exit_group resumed>)   = ?
[pid   322] <... prctl resumed>)        = 0
[pid   321] <... write resumed>)        = 4
[pid   320] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
executing program
[pid   322] setpgid(0, 0 <unfinished ...>
[pid   321] close(3 <unfinished ...>
[pid   320] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   322] <... setpgid resumed>)      = 0
[pid   321] <... close resumed>)        = 0
[pid   320] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   320] write(-1, NULL, 206336 <unfinished ...>
[pid   321] write(1, "executing program\n", 18 <unfinished ...>
[pid   322] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   320] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   321] <... write resumed>)        = 18
[pid   320] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   321] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   322] <... openat resumed>)       = 3
[pid   320] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   321] <... bpf resumed>)          = 3
[pid   320] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   322] write(3, "1000", 4 <unfinished ...>
[pid   321] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   320] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[   27.679747][  T291] R13: 0000000000617480 R14: 0000000000000021 R15: 0000000000000001
[   27.687563][  T291]  </TASK>
[   27.695184][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   27.706594][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   27.714095][  T291] Modules linked in:
[   27.717825][  T291] Preemption disabled at:
[   27.717833][  T291] [<ffffffff81529686>] remove_wait_queue+0x26/0x140
[   27.728412][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   27.739843][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   27.749743][  T291] Call Trace:
[   27.752861][  T291]  <TASK>
[   27.755639][  T291]  dump_stack_lvl+0x151/0x1b7
[   27.760172][  T291]  ? remove_wait_queue+0x26/0x140
[   27.765014][  T291]  ? remove_wait_queue+0x26/0x140
[   27.769872][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   27.775340][  T291]  ? remove_wait_queue+0x26/0x140
[   27.780200][  T291]  dump_stack+0x15/0x17
[   27.784191][  T291]  __schedule_bug+0x195/0x260
[   27.788707][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   27.793843][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   27.799473][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   27.804508][  T291]  __schedule+0xd19/0x1590
[   27.808762][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   27.814139][  T291]  ? __sched_text_start+0x8/0x8
[   27.818983][  T291]  ? _raw_spin_lock_irq+0xa5/0x1b0
[   27.823927][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   27.829310][  T291]  ? ptrace_check_attach+0x323/0x420
[   27.834438][  T291]  schedule+0x11f/0x1e0
[   27.838419][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   27.843454][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   27.848749][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   27.854130][  T291]  do_syscall_64+0x49/0xb0
[   27.858383][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   27.864109][  T291] RIP: 0033:0x4e6c1a
[   27.867848][  T291] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c
[   27.887281][  T291] RSP: 002b:00007ffec93eef90 EFLAGS: 00000206 ORIG_RAX: 0000000000000065
[   27.895526][  T291] RAX: 0000000000000021 RBX: 0000000001477620 RCX: 00000000004e6c1a
[   27.903341][  T291] RDX: 0000000000000058 RSI: 0000000000000142 RDI: 000000000000420e
[   27.911151][  T291] RBP: 0000000001477620 R08: 000000000000420d R09: 0000000000000000
[   27.918961][  T291] R10: 000000000063c820 R11: 0000000000000206 R12: 0000000001477620
[pid   322] <... write resumed>)        = 4
[pid   321] <... bpf resumed>)          = 0
[pid   323] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   320] exit_group(0 <unfinished ...>
[pid   323] <... prctl resumed>)        = 0
[pid   322] close(3 <unfinished ...>
[pid   321] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   320] <... exit_group resumed>)   = ?
[pid   323] setpgid(0, 0 <unfinished ...>
[pid   322] <... close resumed>)        = 0
[pid   323] <... setpgid resumed>)      = 0
executing program
[pid   322] write(1, "executing program\n", 18 <unfinished ...>
[pid   323] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   322] <... write resumed>)        = 18
[pid   323] <... openat resumed>)       = 3
[pid   322] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   323] write(3, "1000", 4 <unfinished ...>
[pid   322] <... bpf resumed>)          = 3
[pid   323] <... write resumed>)        = 4
[pid   322] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   323] close(3 <unfinished ...>
[pid   322] <... bpf resumed>)          = 0
[pid   323] <... close resumed>)        = 0
[pid   322] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   321] <... bpf resumed>)          = 4
executing program
[pid   323] write(1, "executing program\n", 18 <unfinished ...>
[pid   322] <... bpf resumed>)          = 4
[pid   323] <... write resumed>)        = 18
[pid   322] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   323] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   323] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   323] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   323] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[   27.926773][  T291] R13: 00007ffec93ef030 R14: 000000000000857f R15: 0000000000617180
[   27.934591][  T291]  </TASK>
[   27.938637][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   27.950972][   T82] BUG: scheduling while atomic: syslogd/82/0x00000002
[   27.957970][   T82] Modules linked in:
[   27.961912][   T82] Preemption disabled at:
[   27.961922][   T82] [<ffffffff81b9fa4b>] vfs_write+0x94b/0x1110
[   27.972628][   T82] CPU: 0 PID: 82 Comm: syslogd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   27.983289][   T82] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   27.993272][   T82] Call Trace:
[   27.996392][   T82]  <TASK>
[   27.999170][   T82]  dump_stack_lvl+0x151/0x1b7
[   28.003684][   T82]  ? vfs_write+0x94b/0x1110
[   28.008024][   T82]  ? vfs_write+0x94b/0x1110
[   28.012361][   T82]  ? io_uring_drop_tctx_refs+0x190/0x190
[   28.017836][   T82]  ? vfs_write+0x94b/0x1110
[   28.022173][   T82]  dump_stack+0x15/0x17
[   28.026179][   T82]  __schedule_bug+0x195/0x260
[   28.030684][   T82]  ? ttwu_queue_wakelist+0x510/0x510
[   28.035802][   T82]  ? bpf_probe_write_user+0xf0/0xf0
[   28.040831][   T82]  ? finish_task_switch+0x167/0x7b0
[   28.045872][   T82]  __schedule+0xd19/0x1590
[   28.050125][   T82]  ? __kasan_check_read+0x11/0x20
[   28.054983][   T82]  ? __fdget_pos+0x209/0x3a0
[   28.059492][   T82]  ? __sched_text_start+0x8/0x8
[   28.064190][   T82]  ? ksys_read+0x24f/0x2c0
[   28.068430][   T82]  ? bpf_trace_run1+0x1c0/0x1c0
[   28.073130][   T82]  schedule+0x11f/0x1e0
[   28.077122][   T82]  exit_to_user_mode_loop+0x4d/0xe0
[   28.082153][   T82]  exit_to_user_mode_prepare+0x5a/0xa0
[   28.087439][   T82]  syscall_exit_to_user_mode+0x26/0x160
[   28.092828][   T82]  do_syscall_64+0x49/0xb0
[   28.097078][   T82]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   28.102838][   T82] RIP: 0033:0x7fe7d518eb6a
[   28.107144][   T82] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83
[pid   321] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   319] +++ exited with 0 +++
[pid   320] +++ exited with 0 +++
[pid   300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=319, si_uid=0, si_status=0, si_utime=0, si_stime=1} ---
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=320, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   300] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   301] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   300] <... restart_syscall resumed>) = 0
[pid   301] <... restart_syscall resumed>) = 0
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   301] <... clone resumed>, child_tidptr=0x555555bba750) = 325
./strace-static-x86_64: Process 326 attached
[pid   300] <... clone resumed>, child_tidptr=0x555555bba750) = 326
[pid   326] set_robust_list(0x555555bba760, 24) = 0
[pid   326] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
./strace-static-x86_64: Process 325 attached
[pid   325] set_robust_list(0x555555bba760, 24) = 0
[pid   325] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   325] setpgid(0, 0 <unfinished ...>
[pid   326] setpgid(0, 0 <unfinished ...>
[pid   325] <... setpgid resumed>)      = 0
[pid   326] <... setpgid resumed>)      = 0
[pid   326] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   325] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   325] write(3, "1000", 4 <unfinished ...>
[pid   326] <... openat resumed>)       = 3
[pid   325] <... write resumed>)        = 4
[pid   325] close(3)                    = 0
[pid   325] write(1, "executing program\n", 18executing program
) = 18
[pid   326] write(3, "1000", 4 <unfinished ...>
[pid   325] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   326] <... write resumed>)        = 4
[pid   325] <... bpf resumed>)          = 3
[pid   325] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   326] close(3 <unfinished ...>
[pid   325] <... bpf resumed>)          = 0
[pid   326] <... close resumed>)        = 0
[pid   326] write(1, "executing program\n", 18 <unfinished ...>
executing program
[pid   325] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   326] <... write resumed>)        = 18
[pid   326] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   326] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   326] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   325] <... bpf resumed>)          = 4
[pid   325] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   326] <... bpf resumed>)          = 4
[pid   326] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   322] <... bpf resumed>)          = 5
[pid   323] <... bpf resumed>)          = 5
[pid   321] <... bpf resumed>)          = 5
[pid   322] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   321] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   323] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   322] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   321] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   325] <... bpf resumed>)          = 5
[pid   323] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   322] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   321] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   325] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   323] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   322] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   321] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   325] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   323] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   322] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   321] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   325] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   323] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   322] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   321] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   325] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   323] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   322] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   321] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   325] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   323] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   322] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   325] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   323] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   321] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   325] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   323] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   322] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   325] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   323] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   321] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   322] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   325] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   323] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   322] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   321] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   323] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   322] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   321] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   323] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   322] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   321] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   323] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   322] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   321] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   323] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   322] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   321] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   323] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   321] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   325] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   322] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   326] <... bpf resumed>)          = 5
[pid   326] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   326] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   326] recvmsg(-1, NULL, 0)        = -1 EBADF (Bad file descriptor)
[pid   326] recvmsg(-1, NULL, MSG_OOB)  = -1 EBADF (Bad file descriptor)
[pid   326] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   326] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   326] socketpair(AF_UNIX, SOCK_STREAM, 0, NULL) = -1 EFAULT (Bad address)
[pid   326] ioctl(-1, FIOASYNC, NULL)   = -1 EBADF (Bad file descriptor)
[pid   323] <... bpf resumed>)          = 6
[pid   321] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   326] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 6
[pid   322] <... bpf resumed>)          = 6
[pid   326] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16) = 7
[pid   323] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   322] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   321] <... bpf resumed>)          = 6
[pid   323] <... bpf resumed>)          = 7
[pid   322] <... bpf resumed>)          = 7
[pid   321] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   326] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   325] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   323] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   322] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   321] <... bpf resumed>)          = 7
[pid   326] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   325] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   323] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[   28.126672][   T82] RSP: 002b:00007ffde13b37d8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   28.134915][   T82] RAX: 0000000000000053 RBX: 0000000000000002 RCX: 00007fe7d518eb6a
[   28.142812][   T82] RDX: 00000000000000ff RSI: 0000559eae617300 RDI: 0000000000000000
[   28.150713][   T82] RBP: 0000559eae6172c0 R08: 0000000000000001 R09: 0000000000000000
[   28.158526][   T82] R10: 00007fe7d532d3a3 R11: 0000000000000246 R12: 0000559eae617347
[   28.166358][   T82] R13: 0000559eae617300 R14: 0000000000000000 R15: 00007fe7d536ba80
[   28.174151][   T82]  </TASK>
[pid   322] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[   28.206918][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   28.218486][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   28.226046][  T291] Modules linked in:
[   28.229855][  T291] Preemption disabled at:
[   28.229864][  T291] [<ffffffff81446d39>] __se_sys_ptrace+0x229/0x400
[   28.240402][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   28.251802][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   28.261700][  T291] Call Trace:
[   28.264821][  T291]  <TASK>
[   28.267687][  T291]  dump_stack_lvl+0x151/0x1b7
[   28.272213][  T291]  ? __se_sys_ptrace+0x229/0x400
[   28.276975][  T291]  ? __se_sys_ptrace+0x229/0x400
[   28.281752][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   28.287215][  T291]  ? __se_sys_ptrace+0x229/0x400
[   28.291989][  T291]  dump_stack+0x15/0x17
[   28.295987][  T291]  __schedule_bug+0x195/0x260
[   28.300498][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   28.305615][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   28.311255][  T291]  ? bpf_bprintf_cleanup+0x1a/0x60
[   28.316205][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   28.321238][  T291]  __schedule+0xd19/0x1590
[   28.325609][  T291]  ? __kasan_check_read+0x11/0x20
[   28.330461][  T291]  ? __fdget_pos+0x209/0x3a0
[   28.334889][  T291]  ? __sched_text_start+0x8/0x8
[   28.339576][  T291]  ? ksys_write+0x24f/0x2c0
[   28.343930][  T291]  schedule+0x11f/0x1e0
[   28.347906][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   28.352967][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   28.358239][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   28.363616][  T291]  do_syscall_64+0x49/0xb0
[   28.367868][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   28.373602][  T291] RIP: 0033:0x4e5c73
[   28.377331][  T291] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18
[   28.396770][  T291] RSP: 002b:00007ffec93eeef8 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   28.405015][  T291] RAX: 0000000000000049 RBX: 0000000000000049 RCX: 00000000004e5c73
[   28.412826][  T291] RDX: 0000000000000049 RSI: 0000000001478000 RDI: 0000000000000002
[   28.420637][  T291] RBP: 0000000001478000 R08: 00000000ffffffff R09: 0000000000000020
[   28.428448][  T291] R10: 000000000058f4b4 R11: 0000000000000246 R12: 0000000000000049
[   28.436258][  T291] R13: 0000000000617480 R14: 0000000000000049 R15: 0000000000000001
[   28.444075][  T291]  </TASK>
[   28.447677][    C0] softirq: huh, entered softirq 9 RCU ffffffff815cac40 with preempt_count 00000103, exited with 00000102?
[   28.458852][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   28.466163][  T291] Modules linked in:
[   28.470062][  T291] Preemption disabled at:
[   28.470071][  T291] [<ffffffff81446d39>] __se_sys_ptrace+0x229/0x400
[   28.480600][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   28.492023][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   28.501917][  T291] Call Trace:
[   28.505036][  T291]  <TASK>
[   28.507814][  T291]  dump_stack_lvl+0x151/0x1b7
[   28.512325][  T291]  ? __se_sys_ptrace+0x229/0x400
[   28.517099][  T291]  ? __se_sys_ptrace+0x229/0x400
[   28.521874][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   28.527342][  T291]  ? __se_sys_ptrace+0x229/0x400
[   28.532114][  T291]  dump_stack+0x15/0x17
[   28.536106][  T291]  __schedule_bug+0x195/0x260
[   28.540621][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   28.545740][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   28.551380][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   28.556418][  T291]  __schedule+0xd19/0x1590
[   28.560674][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   28.566050][  T291]  ? bpf_trace_run2+0xf1/0x210
[   28.570650][  T291]  ? __sched_text_start+0x8/0x8
[   28.575339][  T291]  ? ptrace_check_attach+0x323/0x420
[   28.580459][  T291]  schedule+0x11f/0x1e0
[   28.584452][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   28.589540][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   28.594793][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   28.600161][  T291]  do_syscall_64+0x49/0xb0
[   28.604412][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   28.610139][  T291] RIP: 0033:0x4e6c1a
[   28.613964][  T291] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c
[   28.633493][  T291] RSP: 002b:00007ffec93eefa0 EFLAGS: 00000206 ORIG_RAX: 0000000000000065
[   28.641738][  T291] RAX: 0000000000000000 RBX: 00000000014752f8 RCX: 00000000004e6c1a
[   28.649547][  T291] RDX: 0000000000000000 RSI: 0000000000000127 RDI: 0000000000000018
[pid   321] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   326] close(-1 <unfinished ...>
[pid   325] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   323] close(-1 <unfinished ...>
[pid   322] close(-1 <unfinished ...>
[pid   321] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   323] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   322] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   321] close(-1 <unfinished ...>
[pid   323] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   322] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   321] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   323] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   322] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   321] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   323] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   322] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   321] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   325] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   323] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   322] <... openat resumed>)       = -1 EFAULT (Bad address)
[   28.657358][  T291] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000001
[   28.665172][  T291] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000001476ba0
[   28.672979][  T291] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180
[   28.680796][  T291]  </TASK>
[   28.687727][    C0] softirq: huh, entered softirq 9 RCU ffffffff815cac40 with preempt_count 00000103, exited with 00000102?
[   28.698886][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   28.706283][  T291] Modules linked in:
[   28.710076][  T291] Preemption disabled at:
[   28.710084][  T291] [<ffffffff81529686>] remove_wait_queue+0x26/0x140
[   28.720680][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   28.732116][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   28.742013][  T291] Call Trace:
[   28.745136][  T291]  <TASK>
[   28.747914][  T291]  dump_stack_lvl+0x151/0x1b7
[   28.752436][  T291]  ? remove_wait_queue+0x26/0x140
[   28.757289][  T291]  ? remove_wait_queue+0x26/0x140
[   28.762151][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   28.767621][  T291]  ? remove_wait_queue+0x26/0x140
[   28.772679][  T291]  dump_stack+0x15/0x17
[   28.776665][  T291]  __schedule_bug+0x195/0x260
[   28.781179][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   28.786297][  T291]  ? kernel_waitid+0x520/0x520
[   28.790898][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   28.795932][  T291]  __schedule+0xd19/0x1590
[   28.800190][  T291]  ? __x64_sys_wait4+0x181/0x1e0
[   28.804959][  T291]  ? bpf_trace_run2+0xf1/0x210
[   28.809562][  T291]  ? __sched_text_start+0x8/0x8
[   28.814246][  T291]  schedule+0x11f/0x1e0
[   28.818237][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   28.823273][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   28.828565][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   28.833946][  T291]  do_syscall_64+0x49/0xb0
[   28.838218][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   28.843926][  T291] RIP: 0033:0x4d49a6
[   28.847659][  T291] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24
[   28.867351][  T291] RSP: 002b:00007ffec93ef0b8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[   28.875581][  T291] RAX: 0000000000000127 RBX: 0000000000000009 RCX: 00000000004d49a6
[   28.883395][  T291] RDX: 0000000040000001 RSI: 00007ffec93ef0dc RDI: 00000000ffffffff
[   28.891203][  T291] RBP: 0000000001476e40 R08: 0000000000000000 R09: 0000000000000000
[   28.899022][  T291] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000147d880
[pid   321] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   325] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   323] write(-1, NULL, 206336 <unfinished ...>
[pid   322] write(-1, NULL, 206336 <unfinished ...>
[pid   321] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   326] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[   28.906831][  T291] R13: 0000000000000129 R14: 00007ffec93ef0dc R15: 0000000000617180
[   28.914651][  T291]  </TASK>
[   28.918924][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   28.930390][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   28.937737][  T291] Modules linked in:
[   28.941420][  T291] Preemption disabled at:
[   28.941427][  T291] [<ffffffff81c23c29>] fd_install+0x59/0x250
[   28.951572][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   28.962994][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   28.972910][  T291] Call Trace:
[   28.976012][  T291]  <TASK>
[   28.978785][  T291]  dump_stack_lvl+0x151/0x1b7
[   28.983298][  T291]  ? fd_install+0x59/0x250
[   28.987565][  T291]  ? fd_install+0x59/0x250
[   28.991801][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   28.997268][  T291]  ? fd_install+0x59/0x250
[   29.001521][  T291]  dump_stack+0x15/0x17
[   29.005514][  T291]  __schedule_bug+0x195/0x260
[   29.010029][  T291]  ? sock_show_fdinfo+0xa0/0xa0
[   29.014714][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   29.019835][  T291]  ? bpf_bprintf_cleanup+0x3f/0x60
[   29.024785][  T291]  __schedule+0xd19/0x1590
[   29.029034][  T291]  ? sock_ioctl+0x455/0x740
[   29.033375][  T291]  ? bpf_trace_run2+0xf1/0x210
[   29.037972][  T291]  ? __sched_text_start+0x8/0x8
[   29.042688][  T291]  ? bpf_trace_run1+0x1c0/0x1c0
[   29.047349][  T291]  schedule+0x11f/0x1e0
[   29.051346][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   29.056374][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   29.061761][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   29.067138][  T291]  do_syscall_64+0x49/0xb0
[   29.071392][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   29.077121][  T291] RIP: 0033:0x4e6a17
[   29.080854][  T291] Code: 3c 1c 48 f7 d8 49 39 c4 72 b8 e8 f4 e8 02 00 85 c0 78 bd 48 83 c4 08 4c 89 e0 5b 41 5c c3 0f 1f 44 00 00 b8 10 00 00 00 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   29.100293][  T291] RSP: 002b:00007ffec93eee98 EFLAGS: 00000246 ORIG_RAX: 0000000000000010
[pid   325] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   326] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   325] <... bpf resumed>)          = 6
[pid   323] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   322] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[   29.108545][  T291] RAX: ffffffffffffffed RBX: 0000000000000000 RCX: 00000000004e6a17
[   29.116348][  T291] RDX: 00007ffec93eeea0 RSI: 0000000000008910 RDI: 0000000000000003
[   29.124159][  T291] RBP: 0000000000000003 R08: 00000000ffffffff R09: 000000000000000d
[   29.131970][  T291] R10: 00000000005549d3 R11: 0000000000000246 R12: 00007ffec93eef00
[   29.139784][  T291] R13: 00007ffec93eeea0 R14: 0000000000427210 R15: 0000000000617180
[   29.147601][  T291]  </TASK>
[   29.152993][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   29.164428][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   29.171924][  T291] Modules linked in:
[   29.175633][  T291] Preemption disabled at:
[   29.175639][  T291] [<ffffffff81446d39>] __se_sys_ptrace+0x229/0x400
[   29.186137][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   29.197589][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   29.207487][  T291] Call Trace:
[   29.210610][  T291]  <TASK>
[   29.213386][  T291]  dump_stack_lvl+0x151/0x1b7
[   29.217898][  T291]  ? __se_sys_ptrace+0x229/0x400
[   29.222675][  T291]  ? __se_sys_ptrace+0x229/0x400
[   29.227450][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   29.232918][  T291]  ? __se_sys_ptrace+0x229/0x400
[   29.237692][  T291]  dump_stack+0x15/0x17
[   29.241681][  T291]  __schedule_bug+0x195/0x260
[   29.246197][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   29.251315][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   29.256959][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   29.262044][  T291]  __schedule+0xd19/0x1590
[   29.266243][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   29.271629][  T291]  ? bpf_trace_run2+0xf1/0x210
[   29.276225][  T291]  ? __sched_text_start+0x8/0x8
[   29.280916][  T291]  ? ptrace_check_attach+0x323/0x420
[   29.286033][  T291]  schedule+0x11f/0x1e0
[   29.290027][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   29.295062][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   29.300360][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   29.305736][  T291]  do_syscall_64+0x49/0xb0
[   29.309988][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   29.315721][  T291] RIP: 0033:0x4e6c1a
[   29.319451][  T291] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c
[   29.338889][  T291] RSP: 002b:00007ffec93eefa0 EFLAGS: 00000206 ORIG_RAX: 0000000000000065
[   29.347134][  T291] RAX: 0000000000000000 RBX: 00000000014752f8 RCX: 00000000004e6c1a
[pid   321] write(-1, NULL, 206336 <unfinished ...>
[pid   326] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   325] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   323] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   322] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   321] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   325] <... bpf resumed>)          = 7
[pid   325] recvmsg(-1, NULL, 0)        = -1 EBADF (Bad file descriptor)
[pid   325] close(-1)                   = -1 EBADF (Bad file descriptor)
[pid   325] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   325] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   326] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   323] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   322] <... openat resumed>)       = -1 EFAULT (Bad address)
[   29.354945][  T291] RDX: 0000000000000000 RSI: 0000000000000129 RDI: 0000000000000018
[   29.362756][  T291] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000006
[   29.370568][  T291] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000001476e40
[   29.378380][  T291] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180
[   29.386196][  T291]  </TASK>
[   29.391573][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   29.403177][  T325] BUG: scheduling while atomic: syz-executor381/325/0x00000002
[   29.410581][  T325] Modules linked in:
[   29.414276][  T325] Preemption disabled at:
[   29.414282][  T325] [<ffffffff81468328>] ptrace_stop+0x588/0xa90
[   29.424611][  T325] CPU: 0 PID: 325 Comm: syz-executor381 Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   29.436067][  T325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   29.445961][  T325] Call Trace:
[   29.449089][  T325]  <TASK>
[   29.451862][  T325]  dump_stack_lvl+0x151/0x1b7
[   29.456378][  T325]  ? ptrace_stop+0x588/0xa90
[   29.460804][  T325]  ? ptrace_stop+0x588/0xa90
[   29.465232][  T325]  ? io_uring_drop_tctx_refs+0x190/0x190
[   29.470698][  T325]  ? ptrace_stop+0x588/0xa90
[   29.475124][  T325]  dump_stack+0x15/0x17
[   29.479119][  T325]  __schedule_bug+0x195/0x260
[   29.483632][  T325]  ? ttwu_queue_wakelist+0x510/0x510
[   29.488888][  T325]  __schedule+0xd19/0x1590
[   29.493131][  T325]  ? __kasan_check_write+0x14/0x20
[   29.498077][  T325]  ? _raw_spin_lock_irq+0xa5/0x1b0
[   29.503028][  T325]  ? __sched_text_start+0x8/0x8
[   29.507715][  T325]  ? cgroup_update_frozen+0x15f/0x980
[   29.512919][  T325]  schedule+0x11f/0x1e0
[   29.516913][  T325]  ptrace_stop+0x4ea/0xa90
[   29.521165][  T325]  ptrace_notify+0x22b/0x350
[   29.525591][  T325]  ? do_notify_parent+0xa30/0xa30
[   29.529944][   T30] audit: type=1400 audit(1716266296.017:74): avc:  denied  { remove_name } for  pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=dir permissive=1
[   29.530453][  T325]  ? __x64_sys_openat+0x243/0x290
[   29.557541][  T325]  ? __ia32_sys_open+0x270/0x270
[   29.562332][  T325]  ? __traceiter_sys_enter+0x2a/0x40
[   29.567426][  T325]  syscall_exit_to_user_mode+0xac/0x160
[   29.572806][  T325]  do_syscall_64+0x49/0xb0
[   29.577059][  T325]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   29.577677][   T30] audit: type=1400 audit(1716266296.017:75): avc:  denied  { rename } for  pid=82 comm="syslogd" name="messages" dev="tmpfs" ino=2 scontext=system_u:system_r:syslogd_t tcontext=system_u:object_r:tmpfs_t tclass=file permissive=1
[   29.582789][  T325] RIP: 0033:0x7f46a63166a9
[   29.608828][  T325] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   29.628269][  T325] RSP: 002b:00007ffc64ccf818 EFLAGS: 00000246 ORIG_RAX: 0000000000000101
[   29.636528][  T325] RAX: fffffffffffffff2 RBX: 0000000000000000 RCX: 00007f46a63166a9
[   29.644419][  T325] RDX: 00000000000026e1 RSI: 0000000000000000 RDI: 00000000ffffff9c
[   29.652226][  T325] RBP: 0000000000000000 R08: 65732f636f72702f R09: 65732f636f72702f
[pid   321] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   325] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   326] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   323] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   322] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   321] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   325] write(-1, NULL, 206336 <unfinished ...>
[pid   326] write(-1, NULL, 206336 <unfinished ...>
[pid   323] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   322] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   321] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   326] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   323] exit_group(0 <unfinished ...>
[pid   322] exit_group(0 <unfinished ...>
[pid   321] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   326] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   323] <... exit_group resumed>)   = ?
[pid   322] <... exit_group resumed>)   = ?
[pid   321] exit_group(0 <unfinished ...>
[pid   326] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   323] +++ exited with 0 +++
[pid   322] +++ exited with 0 +++
[pid   321] <... exit_group resumed>)   = ?
[pid   326] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   321] +++ exited with 0 +++
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=322, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=323, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   326] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   326] exit_group(0 <unfinished ...>
[pid   298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=321, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   326] <... exit_group resumed>)   = ?
[pid   298] restart_syscall(<... resuming interrupted clone ...>) = 0
[   29.660034][  T325] R10: 0000000000000000 R11: 0000000000000246 R12: 00000000000f4240
[   29.667845][  T325] R13: 0000000000006939 R14: 00007ffc64ccf8bc R15: 00007ffc64ccf8c0
[   29.675663][  T325]  </TASK>
[   29.679944][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   29.691374][  T325] BUG: scheduling while atomic: syz-executor381/325/0x00000002
[   29.699227][  T325] Modules linked in:
[   29.702931][  T325] Preemption disabled at:
[   29.702938][  T325] [<ffffffff81468328>] ptrace_stop+0x588/0xa90
[   29.713136][  T325] CPU: 0 PID: 325 Comm: syz-executor381 Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   29.724547][  T325] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   29.734698][  T325] Call Trace:
[   29.737824][  T325]  <TASK>
[   29.740602][  T325]  dump_stack_lvl+0x151/0x1b7
[   29.745111][  T325]  ? ptrace_stop+0x588/0xa90
[   29.749537][  T325]  ? ptrace_stop+0x588/0xa90
[   29.753966][  T325]  ? io_uring_drop_tctx_refs+0x190/0x190
[   29.759434][  T325]  ? ptrace_stop+0x588/0xa90
[   29.763859][  T325]  dump_stack+0x15/0x17
[   29.767854][  T325]  __schedule_bug+0x195/0x260
[   29.772378][  T325]  ? ttwu_queue_wakelist+0x510/0x510
[   29.777732][  T325]  __schedule+0xd19/0x1590
[   29.781973][  T325]  ? __kasan_check_write+0x14/0x20
[   29.786919][  T325]  ? _raw_spin_lock_irq+0xa5/0x1b0
[   29.791866][  T325]  ? __sched_text_start+0x8/0x8
[   29.796551][  T325]  ? cgroup_update_frozen+0x15f/0x980
[   29.801764][  T325]  schedule+0x11f/0x1e0
[   29.805754][  T325]  ptrace_stop+0x4ea/0xa90
[   29.810005][  T325]  ptrace_notify+0x22b/0x350
[   29.814431][  T325]  ? do_notify_parent+0xa30/0xa30
[   29.819289][  T325]  ? __ia32_sys_read+0x90/0x90
[   29.823890][  T325]  ? __bpf_trace_sys_enter+0x62/0x70
[   29.829014][  T325]  syscall_exit_to_user_mode+0xac/0x160
[   29.834394][  T325]  do_syscall_64+0x49/0xb0
[   29.838648][  T325]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   29.844372][  T325] RIP: 0033:0x7f46a63166a9
[   29.848634][  T325] Code: 28 00 00 00 75 05 48 83 c4 28 c3 e8 c1 17 00 00 90 48 89 f8 48 89 f7 48 89 d6 48 89 ca 4d 89 c2 4d 89 c8 4c 8b 4c 24 08 0f 05 <48> 3d 01 f0 ff ff 73 01 c3 48 c7 c1 b8 ff ff ff f7 d8 64 89 01 48
[   29.868152][  T325] RSP: 002b:00007ffc64ccf818 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   29.876571][  T325] RAX: fffffffffffffff7 RBX: 0000000000000000 RCX: 00007f46a63166a9
[   29.884383][  T325] RDX: 0000000000032600 RSI: 0000000000000000 RDI: 00000000ffffffff
[   29.892197][  T325] RBP: 0000000000000000 R08: 65732f636f72702f R09: 65732f636f72702f
[   29.900008][  T325] R10: 65732f636f72702f R11: 0000000000000246 R12: 00000000000f4240
[pid   325] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   325] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   326] +++ exited with 0 +++
[pid   325] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   325] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   325] exit_group(0)               = ?
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=326, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[   29.907823][  T325] R13: 0000000000006939 R14: 00007ffc64ccf8bc R15: 00007ffc64ccf8c0
[   29.915639][  T325]  </TASK>
[   29.919862][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   29.931477][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   29.939045][  T291] Modules linked in:
[   29.942772][  T291] Preemption disabled at:
[   29.942785][  T291] [<ffffffff81446d39>] __se_sys_ptrace+0x229/0x400
[   29.953324][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   29.964803][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   29.974783][  T291] Call Trace:
[   29.977909][  T291]  <TASK>
[   29.980687][  T291]  dump_stack_lvl+0x151/0x1b7
[   29.985193][  T291]  ? __se_sys_ptrace+0x229/0x400
[   29.989970][  T291]  ? __se_sys_ptrace+0x229/0x400
[   29.994752][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   30.000217][  T291]  ? __se_sys_ptrace+0x229/0x400
[   30.004985][  T291]  dump_stack+0x15/0x17
[   30.008978][  T291]  __schedule_bug+0x195/0x260
[   30.013490][  T291]  ? __kasan_check_read+0x11/0x20
[   30.018349][  T291]  ? rb_commit+0x732/0x780
[   30.022604][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   30.027724][  T291]  __schedule+0xd19/0x1590
[   30.031978][  T291]  ? _raw_spin_lock+0x1b0/0x1b0
[   30.036666][  T291]  ? __sched_text_start+0x8/0x8
[   30.041352][  T291]  ? child_wait_callback+0x200/0x200
[   30.046472][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   30.052115][  T291]  schedule+0x11f/0x1e0
[   30.056105][  T291]  do_wait+0x6e7/0xa10
[   30.060016][  T291]  kernel_wait4+0x29e/0x3d0
[   30.064350][  T291]  ? __ia32_sys_waitid+0xd0/0xd0
[   30.069124][  T291]  ? kernel_waitid+0x520/0x520
[   30.073725][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   30.078760][  T291]  __x64_sys_wait4+0x130/0x1e0
[   30.083357][  T291]  ? kernel_wait+0x230/0x230
[   30.087790][  T291]  ? __bpf_trace_sys_enter+0x62/0x70
[   30.092908][  T291]  ? syscall_enter_from_user_mode+0x14d/0x1b0
[   30.098807][  T291]  do_syscall_64+0x3d/0xb0
[   30.103067][  T291]  ? sysvec_call_function_single+0x52/0xb0
[   30.108703][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   30.114430][  T291] RIP: 0033:0x4d49a6
[   30.118166][  T291] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24
[   30.137604][  T291] RSP: 002b:00007ffec93ef0b8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[   30.145849][  T291] RAX: ffffffffffffffda RBX: 00000000014752f8 RCX: 00000000004d49a6
[   30.153660][  T291] RDX: 0000000040000000 RSI: 00007ffec93ef0dc RDI: 00000000ffffffff
./strace-static-x86_64: Process 331 attached
./strace-static-x86_64: Process 330 attached
./strace-static-x86_64: Process 329 attached
[pid   325] +++ exited with 0 +++
[pid   331] set_robust_list(0x555555bba760, 24) = 0
[pid   331] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   330] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   331] setpgid(0, 0 <unfinished ...>
[pid   329] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=325, si_uid=0, si_status=0, si_utime=0, si_stime=31} ---
[pid   298] <... clone resumed>, child_tidptr=0x555555bba750) = 331
[pid   297] <... clone resumed>, child_tidptr=0x555555bba750) = 330
[pid   295] <... clone resumed>, child_tidptr=0x555555bba750) = 329
[pid   331] <... setpgid resumed>)      = 0
[pid   331] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXECexecuting program
 <unfinished ...>
[pid   330] <... set_robust_list resumed>) = 0
[pid   329] <... set_robust_list resumed>) = 0
[pid   331] <... openat resumed>)       = 3
[pid   300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   331] write(3, "1000", 4)         = 4
[pid   331] close(3)                    = 0
[pid   331] write(1, "executing program\n", 18 <unfinished ...>
[pid   330] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   331] <... write resumed>)        = 18
[pid   329] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   331] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   331] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   330] <... prctl resumed>)        = 0
[pid   329] <... prctl resumed>)        = 0
[pid   331] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   330] setpgid(0, 0 <unfinished ...>
[pid   329] setpgid(0, 0 <unfinished ...>
[pid   300] <... clone resumed>, child_tidptr=0x555555bba750) = 332
[pid   331] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   330] <... setpgid resumed>)      = 0
[pid   329] <... setpgid resumed>)      = 0
./strace-static-x86_64: Process 332 attached
[pid   332] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   330] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   329] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   332] <... set_robust_list resumed>) = 0
[pid   332] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   332] setpgid(0, 0)               = 0
[pid   332] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   329] <... openat resumed>)       = 3
[pid   332] <... openat resumed>)       = 3
[pid   330] <... openat resumed>)       = 3
[pid   329] write(3, "1000", 4 <unfinished ...>
[pid   301] <... clone resumed>, child_tidptr=0x555555bba750) = 333
[pid   330] write(3, "1000", 4 <unfinished ...>
[pid   332] write(3, "1000", 4)         = 4
[pid   332] close(3 <unfinished ...>
[pid   330] <... write resumed>)        = 4
[pid   329] <... write resumed>)        = 4
executing program
[pid   332] <... close resumed>)        = 0
[pid   332] write(1, "executing program\n", 18) = 18
[pid   332] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72./strace-static-x86_64: Process 333 attached
 <unfinished ...>
[pid   330] close(3 <unfinished ...>
[pid   329] close(3 <unfinished ...>
[pid   332] <... bpf resumed>)          = 3
[pid   330] <... close resumed>)        = 0
[pid   330] write(1, "executing program\n", 18 <unfinished ...>
[pid   329] <... close resumed>)        = 0
executing program
[pid   329] write(1, "executing program\n", 18 <unfinished ...>
[pid   330] <... write resumed>)        = 18
executing program
[pid   332] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   329] <... write resumed>)        = 18
[pid   332] <... bpf resumed>)          = 0
[pid   332] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   333] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   330] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   329] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   333] <... set_robust_list resumed>) = 0
[pid   332] <... bpf resumed>)          = 4
[pid   330] <... bpf resumed>)          = 3
[pid   332] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   329] <... bpf resumed>)          = 3
[pid   333] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   330] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   329] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   330] <... bpf resumed>)          = 0
[pid   329] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   333] <... prctl resumed>)        = 0
[pid   330] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   333] setpgid(0, 0 <unfinished ...>
[pid   329] <... bpf resumed>)          = 4
[pid   329] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   333] <... setpgid resumed>)      = 0
[pid   330] <... bpf resumed>)          = 4
[pid   330] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   333] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   333] write(3, "1000", 4)         = 4
[pid   333] close(3)                    = 0
executing program
[pid   333] write(1, "executing program\n", 18) = 18
[pid   333] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   333] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   333] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   333] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16) = 5
[pid   332] <... bpf resumed>)          = 5
[pid   331] <... bpf resumed>)          = 5
[pid   330] <... bpf resumed>)          = 5
[pid   329] <... bpf resumed>)          = 5
[pid   331] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   330] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   329] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   332] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   331] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   330] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   329] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   332] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   331] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   330] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   329] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   332] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   331] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   330] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   329] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   332] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   331] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   330] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   330] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   332] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   331] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   330] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   329] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   332] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   331] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   330] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   329] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   332] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   331] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   330] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   332] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   331] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   330] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   329] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   332] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   331] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   330] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   332] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   331] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   330] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   329] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   332] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   331] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   330] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   329] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   332] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   331] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   330] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   332] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   331] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   330] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   329] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   332] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   331] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   330] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   329] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   333] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   332] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   331] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   330] <... bpf resumed>)          = 6
[pid   329] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   332] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   330] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16) = 7
[pid   330] recvmsg(-1, NULL, 0)        = -1 EBADF (Bad file descriptor)
[pid   330] close(-1)                   = -1 EBADF (Bad file descriptor)
[pid   331] <... bpf resumed>)          = 6
[pid   330] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   331] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   330] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   329] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   331] <... bpf resumed>)          = 7
[pid   330] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   329] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   331] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   330] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   329] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   331] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   330] write(-1, NULL, 206336 <unfinished ...>
[pid   329] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   332] <... bpf resumed>)          = 6
[pid   331] close(-1 <unfinished ...>
[pid   330] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   330] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   330] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   330] exit_group(0)               = ?
[   30.161474][  T291] RBP: 0000000000000000 R08: 0000000000000017 R09: 0000000000000001
[   30.169284][  T291] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000147d640
[   30.177092][  T291] R13: 0000000000000000 R14: 00007ffec93ef0dc R15: 0000000000617180
[   30.184911][  T291]  </TASK>
[   30.216874][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   30.228296][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   30.234812][  T288] Modules linked in:
[   30.238549][  T288] Preemption disabled at:
[   30.238557][  T288] [<ffffffff83dd5260>] release_sock+0x30/0x1b0
[   30.248711][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   30.259200][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   30.269076][  T288] Call Trace:
[   30.272198][  T288]  <TASK>
[   30.274981][  T288]  dump_stack_lvl+0x151/0x1b7
[   30.279489][  T288]  ? release_sock+0x30/0x1b0
[   30.283916][  T288]  ? release_sock+0x30/0x1b0
[   30.288349][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   30.293815][  T288]  ? release_sock+0x30/0x1b0
[   30.298237][  T288]  dump_stack+0x15/0x17
[   30.302264][  T288]  __schedule_bug+0x195/0x260
[   30.306744][  T288]  ? __kasan_check_write+0x14/0x20
[   30.311689][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   30.316810][  T288]  ? __set_current_blocked+0x2a5/0x2f0
[   30.322106][  T288]  __schedule+0xd19/0x1590
[   30.326371][  T288]  ? __kasan_check_read+0x11/0x20
[   30.331221][  T288]  ? _copy_to_user+0x78/0x90
[   30.335649][  T288]  ? __sched_text_start+0x8/0x8
[   30.340334][  T288]  ? __se_sys_rt_sigprocmask+0x311/0x380
[   30.345802][  T288]  ? __x64_sys_rt_sigprocmask+0xb0/0xb0
[   30.351180][  T288]  schedule+0x11f/0x1e0
[   30.355176][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   30.360211][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   30.365501][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   30.370882][  T288]  do_syscall_64+0x49/0xb0
[   30.375143][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   30.380864][  T288] RIP: 0033:0x7f635424f773
[   30.385142][  T288] Code: 00 f3 a5 48 8d 74 24 88 48 b9 ff ff ff 7f fe ff ff ff 48 21 c8 48 89 44 24 88 41 ba 08 00 00 00 44 89 c7 b8 0e 00 00 00 0f 05 <45> 31 c0 3d 00 f0 ff ff 76 06 41 89 c0 41 f7 d8 44 89 c0 5a c3 41
[   30.404564][  T288] RSP: 002b:00007ffd30951110 EFLAGS: 00000246 ORIG_RAX: 000000000000000e
[pid   332] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   331] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   329] <... bpf resumed>)          = 6
[pid   333] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   333] recvmsg(-1, NULL, 0)        = -1 EBADF (Bad file descriptor)
[pid   333] recvmsg(-1, NULL, MSG_OOB)  = -1 EBADF (Bad file descriptor)
[pid   333] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   333] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   333] socketpair(AF_UNIX, SOCK_STREAM, 0, NULL) = -1 EFAULT (Bad address)
[pid   333] ioctl(-1, FIOASYNC, NULL)   = -1 EBADF (Bad file descriptor)
[pid   333] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   331] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   329] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   331] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   331] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = -1 EFAULT (Bad address)
[pid   331] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   331] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   331] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   331] exit_group(0)               = ?
[pid   333] <... bpf resumed>)          = 6
[pid   333] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   330] +++ exited with 0 +++
[pid   329] <... bpf resumed>)          = 7
[pid   329] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=330, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   329] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   297] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   329] close(-1 <unfinished ...>
[pid   297] <... restart_syscall resumed>) = 0
[pid   329] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   329] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   329] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = -1 EFAULT (Bad address)
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   329] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   329] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   297] <... clone resumed>, child_tidptr=0x555555bba750) = 334
[pid   329] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   329] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   329] exit_group(0)               = ?
./strace-static-x86_64: Process 334 attached
[pid   334] set_robust_list(0x555555bba760, 24) = 0
[pid   334] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   334] setpgid(0, 0)               = 0
[   30.412805][  T288] RAX: 0000000000000000 RBX: 0000000000000000 RCX: 00007f635424f773
[   30.420617][  T288] RDX: 00007ffd309511f8 RSI: 00007ffd30951178 RDI: 0000000000000000
[   30.428427][  T288] RBP: 000055a0aa845460 R08: 0000000000000000 R09: 0000000000000000
[   30.436242][  T288] R10: 0000000000000008 R11: 0000000000000246 R12: 000055a0a992daa4
[   30.444050][  T288] R13: 000000000000001e R14: 000055a0a992e3e8 R15: 00007ffd30951178
[   30.451869][  T288]  </TASK>
[   30.463097][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   30.474723][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   30.482102][  T291] Modules linked in:
[   30.485775][  T291] Preemption disabled at:
[   30.485783][  T291] [<ffffffff814cd0b6>] try_to_wake_up+0x86/0x1160
[   30.496184][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   30.507640][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   30.517533][  T291] Call Trace:
[   30.520656][  T291]  <TASK>
[   30.523434][  T291]  dump_stack_lvl+0x151/0x1b7
[   30.527943][  T291]  ? try_to_wake_up+0x86/0x1160
[   30.532630][  T291]  ? try_to_wake_up+0x86/0x1160
[   30.537320][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   30.542789][  T291]  ? try_to_wake_up+0x86/0x1160
[   30.547479][  T291]  dump_stack+0x15/0x17
[   30.551468][  T291]  __schedule_bug+0x195/0x260
[   30.555983][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   30.561100][  T291]  ? kernel_waitid+0x520/0x520
[   30.565711][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   30.570743][  T291]  __schedule+0xd19/0x1590
[   30.574989][  T291]  ? __x64_sys_wait4+0x181/0x1e0
[   30.579762][  T291]  ? bpf_trace_run2+0xf1/0x210
[   30.584382][  T291]  ? __sched_text_start+0x8/0x8
[   30.589136][  T291]  schedule+0x11f/0x1e0
[   30.593125][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   30.598162][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   30.603481][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   30.608846][  T291]  do_syscall_64+0x49/0xb0
[   30.613095][  T291]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[   30.618823][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   30.624634][  T291] RIP: 0033:0x4d49a6
[   30.628395][  T291] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24
[   30.647814][  T291] RSP: 002b:00007ffec93ef0b8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[   30.656139][  T291] RAX: 000000000000014e RBX: 00000000014752f8 RCX: 00000000004d49a6
[pid   334] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   333] <... bpf resumed>)          = 7
[pid   332] <... bpf resumed>)          = 7
[   30.663964][  T291] RDX: 0000000040000000 RSI: 00007ffec93ef0dc RDI: 00000000ffffffff
[   30.671769][  T291] RBP: 0000000000000000 R08: 0000000000000017 R09: 0000000000000000
[   30.679576][  T291] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000147d400
[   30.687387][  T291] R13: 0000000000000000 R14: 00007ffec93ef0dc R15: 0000000000617180
[   30.695210][  T291]  </TASK>
[   30.700704][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   30.712324][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   30.718797][  T288] Modules linked in:
[   30.722590][  T288] Preemption disabled at:
[   30.722600][  T288] [<ffffffff81459dcb>] __set_current_blocked+0x11b/0x2f0
[   30.733575][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   30.744125][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   30.754014][  T288] Call Trace:
[   30.757139][  T288]  <TASK>
[   30.759920][  T288]  dump_stack_lvl+0x151/0x1b7
[   30.764430][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   30.769722][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   30.775048][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   30.780486][  T288]  ? fsnotify_perm+0x470/0x5d0
[   30.785093][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   30.790387][  T288]  dump_stack+0x15/0x17
[   30.794374][  T288]  __schedule_bug+0x195/0x260
[   30.798889][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   30.804210][  T288]  ? bpf_bprintf_cleanup+0x1a/0x60
[   30.809157][  T288]  ? __set_current_blocked+0x2a5/0x2f0
[   30.814461][  T288]  __schedule+0xd19/0x1590
[   30.818705][  T288]  ? __kasan_check_read+0x11/0x20
[   30.823827][  T288]  ? __fdget_pos+0x209/0x3a0
[   30.828252][  T288]  ? __sched_text_start+0x8/0x8
[   30.832941][  T288]  ? ksys_read+0x24f/0x2c0
[   30.837194][  T288]  ? __x64_sys_rt_sigprocmask+0xb0/0xb0
[   30.842573][  T288]  schedule+0x11f/0x1e0
[   30.846566][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   30.851606][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   30.856897][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   30.862276][  T288]  do_syscall_64+0x49/0xb0
[   30.866529][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   30.872258][  T288] RIP: 0033:0x7f63542a3b6a
[   30.876513][  T288] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83
[   30.896039][  T288] RSP: 002b:00007ffd3094cfc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   30.904282][  T288] RAX: 0000000000000c50 RBX: 0000000000000000 RCX: 00007f63542a3b6a
[   30.912095][  T288] RDX: 0000000000004000 RSI: 00007ffd3094cfe8 RDI: 0000000000000009
[pid   334] <... openat resumed>)       = 3
[pid   333] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   332] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   331] +++ exited with 0 +++
[pid   329] +++ exited with 0 +++
[pid   334] write(3, "1000", 4 <unfinished ...>
[pid   333] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   332] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   334] <... write resumed>)        = 4
[pid   333] close(-1 <unfinished ...>
[pid   332] close(-1 <unfinished ...>
[pid   298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=331, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   334] close(3 <unfinished ...>
[pid   333] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   332] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   334] <... close resumed>)        = 0
[pid   333] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   332] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   334] write(1, "executing program\n", 18 <unfinished ...>
[pid   333] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   332] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   298] <... clone resumed>, child_tidptr=0x555555bba750) = 335
[pid   334] <... write resumed>)        = 18
[pid   333] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   332] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   334] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   333] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   332] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   334] <... bpf resumed>)          = 3
[pid   333] write(-1, NULL, 206336 <unfinished ...>
[pid   332] write(-1, NULL, 206336 <unfinished ...>
[pid   334] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   333] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   332] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   334] <... bpf resumed>)          = 0
[pid   333] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   332] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   334] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144executing program
executing program
executing program
 <unfinished ...>
[pid   333] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   332] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   334] <... bpf resumed>)          = 4
[pid   333] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   332] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   334] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   333] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   332] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   334] <... bpf resumed>)          = 5
[pid   333] exit_group(0 <unfinished ...>
[pid   332] exit_group(0 <unfinished ...>
[pid   334] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   333] <... exit_group resumed>)   = ?
[pid   332] <... exit_group resumed>)   = ?
[pid   334] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
./strace-static-x86_64: Process 335 attached
[pid   334] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   335] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   334] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   335] <... set_robust_list resumed>) = 0
[pid   334] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   335] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   334] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   335] <... prctl resumed>)        = 0
[pid   334] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   335] setpgid(0, 0 <unfinished ...>
[pid   334] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   335] <... setpgid resumed>)      = 0
[pid   334] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   335] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   334] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   335] <... openat resumed>)       = 3
[pid   334] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   335] write(3, "1000", 4 <unfinished ...>
[pid   334] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   335] <... write resumed>)        = 4
[pid   334] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   335] close(3 <unfinished ...>
[pid   334] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   335] <... close resumed>)        = 0
[pid   334] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   335] write(1, "executing program\n", 18 <unfinished ...>
[pid   334] <... bpf resumed>)          = 6
[pid   335] <... write resumed>)        = 18
[pid   335] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   335] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   334] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   335] <... bpf resumed>)          = 0
[pid   335] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   335] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=329, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bba750) = 336
./strace-static-x86_64: Process 336 attached
[pid   336] set_robust_list(0x555555bba760, 24) = 0
[pid   336] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   336] setpgid(0, 0)               = 0
[pid   336] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   336] write(3, "1000", 4)         = 4
[pid   336] close(3)                    = 0
[pid   336] write(1, "executing program\n", 18) = 18
[pid   336] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   336] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   336] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   336] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   333] +++ exited with 0 +++
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=333, si_uid=0, si_status=0, si_utime=0, si_stime=22} ---
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bba750) = 338
./strace-static-x86_64: Process 338 attached
[pid   338] set_robust_list(0x555555bba760, 24) = 0
[pid   338] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   338] setpgid(0, 0)               = 0
[pid   338] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   338] write(3, "1000", 4)         = 4
[pid   338] close(3)                    = 0
[pid   338] write(1, "executing program\n", 18executing program
) = 18
[pid   338] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   338] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   338] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   338] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   332] +++ exited with 0 +++
[pid   300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=332, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   334] <... bpf resumed>)          = 7
[pid   336] <... bpf resumed>)          = 5
[pid   335] <... bpf resumed>)          = 5
[pid   334] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   336] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   335] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   334] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   338] <... bpf resumed>)          = 5
[   30.919905][  T288] RBP: 000055a0aa84d3f0 R08: 0000000000000000 R09: 0000000000000000
[   30.927720][  T288] R10: 00007ffd3094cfe8 R11: 0000000000000246 R12: 000055a0aa845460
[   30.935528][  T288] R13: 000055a0a9936937 R14: 000055a0a9939480 R15: 000055a0aa845460
[   30.943370][  T288]  </TASK>
[pid   336] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[   30.969699][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   30.981239][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   30.988840][  T291] Modules linked in:
[   30.992655][  T291] Preemption disabled at:
[   30.992662][  T291] [<ffffffff81bccae9>] pipe_write+0x1429/0x1930
[   31.002859][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   31.014253][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   31.024144][  T291] Call Trace:
[   31.027267][  T291]  <TASK>
[   31.030045][  T291]  dump_stack_lvl+0x151/0x1b7
[   31.034556][  T291]  ? pipe_write+0x1429/0x1930
[   31.039157][  T291]  ? pipe_write+0x1429/0x1930
[   31.043676][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   31.049228][  T291]  ? pipe_write+0x1429/0x1930
[   31.053739][  T291]  dump_stack+0x15/0x17
[   31.057726][  T291]  __schedule_bug+0x195/0x260
[   31.062242][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   31.067369][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   31.073114][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   31.078147][  T291]  __schedule+0xd19/0x1590
[   31.082402][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   31.087789][  T291]  ? __sched_text_start+0x8/0x8
[   31.092467][  T291]  ? ptrace_check_attach+0x323/0x420
[   31.097587][  T291]  schedule+0x11f/0x1e0
[   31.101675][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   31.106900][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   31.112198][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   31.117573][  T291]  do_syscall_64+0x49/0xb0
[   31.121828][  T291]  ? sysvec_call_function_single+0x52/0xb0
[   31.127474][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.133284][  T291] RIP: 0033:0x4e6c1a
[   31.137017][  T291] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c
[   31.156662][  T291] RSP: 002b:00007ffec93eefa0 EFLAGS: 00000206 ORIG_RAX: 0000000000000065
[pid   335] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   334] close(-1 <unfinished ...>
[pid   338] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   336] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   335] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   338] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   336] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   335] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   334] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   338] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   336] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   338] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   336] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   338] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   336] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   335] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   334] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   338] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   336] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   338] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   336] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   338] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   336] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   335] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   334] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   338] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   336] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   338] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   336] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   338] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   336] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   338] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   336] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   338] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   336] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   335] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   334] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   338] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   336] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   335] bpf(BPF_PROG_LOAD, NULL, 0./strace-static-x86_64: Process 339 attached
 <unfinished ...>
[pid   338] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   335] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   334] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   300] <... clone resumed>, child_tidptr=0x555555bba750) = 339
[pid   339] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   338] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   336] <... bpf resumed>)          = 6
[pid   335] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   334] write(-1, NULL, 206336 <unfinished ...>
[pid   339] <... set_robust_list resumed>) = 0
[pid   335] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   334] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   339] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   338] <... bpf resumed>)          = 6
[   31.164893][  T291] RAX: 0000000000000000 RBX: 00000000014752f8 RCX: 00000000004e6c1a
[   31.172703][  T291] RDX: 0000000000000000 RSI: 000000000000014f RDI: 0000000000000018
[   31.180644][  T291] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000001
[   31.188449][  T291] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000001476cf0
[   31.196272][  T291] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180
[   31.204081][  T291]  </TASK>
[pid   336] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[   31.214386][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   31.226235][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   31.233727][  T291] Modules linked in:
[   31.237436][  T291] Preemption disabled at:
[   31.237443][  T291] [<ffffffff81bccae9>] pipe_write+0x1429/0x1930
[   31.247711][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   31.259143][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   31.269028][  T291] Call Trace:
[   31.272201][  T291]  <TASK>
[   31.274929][  T291]  dump_stack_lvl+0x151/0x1b7
[   31.279440][  T291]  ? pipe_write+0x1429/0x1930
[   31.283955][  T291]  ? pipe_write+0x1429/0x1930
[   31.288468][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   31.293936][  T291]  ? pipe_write+0x1429/0x1930
[   31.298449][  T291]  dump_stack+0x15/0x17
[   31.302441][  T291]  __schedule_bug+0x195/0x260
[   31.306956][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   31.312163][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   31.317891][  T291]  ? bpf_bprintf_cleanup+0x3f/0x60
[   31.322838][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   31.327874][  T291]  __schedule+0xd19/0x1590
[   31.332125][  T291]  ? __kasan_check_read+0x11/0x20
[   31.336986][  T291]  ? __fdget_pos+0x209/0x3a0
[   31.341412][  T291]  ? __sched_text_start+0x8/0x8
[   31.346114][  T291]  ? ksys_write+0x24f/0x2c0
[   31.350438][  T291]  schedule+0x11f/0x1e0
[   31.354429][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   31.359462][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   31.364758][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   31.370140][  T291]  do_syscall_64+0x49/0xb0
[   31.374392][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.380121][  T291] RIP: 0033:0x4e5c73
[   31.383855][  T291] Code: c7 c0 b8 ff ff ff 64 c7 00 16 00 00 00 b8 ff ff ff ff c3 0f 1f 40 00 64 8b 04 25 18 00 00 00 85 c0 75 14 b8 01 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 55 c3 0f 1f 40 00 48 83 ec 28 48 89 54 24 18
[   31.403295][  T291] RSP: 002b:00007ffec93eef48 EFLAGS: 00000246 ORIG_RAX: 0000000000000001
[   31.411640][  T291] RAX: 0000000000000030 RBX: 0000000000000030 RCX: 00000000004e5c73
[pid   335] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   334] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   339] <... prctl resumed>)        = 0
[pid   338] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   336] <... bpf resumed>)          = 7
[pid   338] <... bpf resumed>)          = 7
[pid   336] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   335] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   334] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   338] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   336] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   338] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   336] close(-1 <unfinished ...>
[pid   335] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   334] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   338] close(-1 <unfinished ...>
[pid   336] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   335] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   338] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   336] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   338] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   336] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   335] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   334] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   338] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   336] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   338] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   336] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   334] exit_group(0 <unfinished ...>
[pid   338] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   336] write(-1, NULL, 206336 <unfinished ...>
[pid   338] write(-1, NULL, 206336 <unfinished ...>
[pid   336] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   338] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   336] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   338] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   336] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   335] <... bpf resumed>)          = 6
[pid   339] setpgid(0, 0 <unfinished ...>
[pid   338] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   336] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[   31.419436][  T291] RDX: 0000000000000030 RSI: 0000000001478000 RDI: 0000000000000002
[   31.427248][  T291] RBP: 0000000001478000 R08: 0000000000000002 R09: 0000000000000001
[   31.435063][  T291] R10: 00007ffec93eeec7 R11: 0000000000000246 R12: 0000000000000030
[   31.442873][  T291] R13: 0000000000617480 R14: 0000000000000030 R15: 0000000000617180
[   31.450775][  T291]  </TASK>
[   31.460045][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   31.471483][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   31.479017][  T291] Modules linked in:
[   31.482723][  T291] Preemption disabled at:
[   31.482729][  T291] [<ffffffff81bccae9>] pipe_write+0x1429/0x1930
[   31.493009][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   31.504527][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   31.514420][  T291] Call Trace:
[   31.517540][  T291]  <TASK>
[   31.520318][  T291]  dump_stack_lvl+0x151/0x1b7
[   31.524827][  T291]  ? pipe_write+0x1429/0x1930
[   31.529344][  T291]  ? pipe_write+0x1429/0x1930
[   31.533858][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   31.539327][  T291]  ? pipe_write+0x1429/0x1930
[   31.543837][  T291]  dump_stack+0x15/0x17
[   31.547916][  T291]  __schedule_bug+0x195/0x260
[   31.552435][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   31.557550][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   31.563281][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   31.568314][  T291]  __schedule+0xd19/0x1590
[   31.572566][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   31.577949][  T291]  ? bpf_trace_run2+0xf1/0x210
[   31.582548][  T291]  ? __sched_text_start+0x8/0x8
[   31.587233][  T291]  ? ptrace_check_attach+0x323/0x420
[   31.592353][  T291]  schedule+0x11f/0x1e0
[   31.596349][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   31.601379][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   31.606673][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   31.612054][  T291]  do_syscall_64+0x49/0xb0
[   31.616341][  T291]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[   31.621959][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.627680][  T291] RIP: 0033:0x4e6c1a
[   31.631415][  T291] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c
[   31.650852][  T291] RSP: 002b:00007ffec93eefa0 EFLAGS: 00000206 ORIG_RAX: 0000000000000065
[   31.659097][  T291] RAX: 0000000000000000 RBX: 00000000014752f8 RCX: 00000000004e6c1a
[pid   335] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   334] <... exit_group resumed>)   = ?
[pid   339] <... setpgid resumed>)      = 0
[pid   338] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   336] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   335] <... bpf resumed>)          = 7
[pid   338] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   336] exit_group(0 <unfinished ...>
[pid   338] exit_group(0 <unfinished ...>
[pid   336] <... exit_group resumed>)   = ?
[pid   334] +++ exited with 0 +++
[pid   339] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   338] <... exit_group resumed>)   = ?
[pid   336] +++ exited with 0 +++
[pid   335] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=334, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   339] <... openat resumed>)       = 3
[pid   335] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=336, si_uid=0, si_status=0, si_utime=0, si_stime=19} ---
[pid   339] write(3, "1000", 4)         = 4
[pid   335] close(-1 <unfinished ...>
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   339] close(3 <unfinished ...>
[pid   335] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   297] <... clone resumed>, child_tidptr=0x555555bba750) = 340
./strace-static-x86_64: Process 341 attached
./strace-static-x86_64: Process 340 attached
executing program
[pid   339] <... close resumed>)        = 0
[pid   335] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   339] write(1, "executing program\n", 18 <unfinished ...>
[pid   335] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   295] <... clone resumed>, child_tidptr=0x555555bba750) = 341
[pid   339] <... write resumed>)        = 18
[   31.666911][  T291] RDX: 0000000000000000 RSI: 000000000000014f RDI: 0000000000000018
[   31.674722][  T291] RBP: 0000000000000018 R08: 0000000000000017 R09: 0000000000000002
[   31.682532][  T291] R10: 0000000000000000 R11: 0000000000000206 R12: 0000000001476cf0
[   31.690346][  T291] R13: 0000000000000000 R14: 000000000000857f R15: 0000000000617180
[   31.698168][  T291]  </TASK>
[   31.708338][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   31.719846][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   31.726405][  T288] Modules linked in:
[   31.730079][  T288] Preemption disabled at:
[   31.730087][  T288] [<ffffffff81459dcb>] __set_current_blocked+0x11b/0x2f0
[   31.741112][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   31.751569][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   31.761578][  T288] Call Trace:
[   31.764694][  T288]  <TASK>
[   31.767470][  T288]  dump_stack_lvl+0x151/0x1b7
[   31.771986][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   31.777283][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   31.782572][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   31.788039][  T288]  ? fsnotify_perm+0x470/0x5d0
[   31.792642][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   31.797933][  T288]  dump_stack+0x15/0x17
[   31.802014][  T288]  __schedule_bug+0x195/0x260
[   31.806528][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   31.811647][  T288]  ? bpf_probe_write_user+0xf0/0xf0
[   31.816680][  T288]  ? __set_current_blocked+0x2a5/0x2f0
[   31.821975][  T288]  __schedule+0xd19/0x1590
[   31.826232][  T288]  ? __kasan_check_read+0x11/0x20
[   31.831090][  T288]  ? __fdget_pos+0x209/0x3a0
[   31.835517][  T288]  ? __sched_text_start+0x8/0x8
[   31.840203][  T288]  ? ksys_read+0x24f/0x2c0
[   31.844458][  T288]  ? bpf_trace_run1+0x1c0/0x1c0
[   31.849143][  T288]  schedule+0x11f/0x1e0
[   31.853137][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   31.858168][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   31.863465][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   31.868846][  T288]  do_syscall_64+0x49/0xb0
[   31.873097][  T288]  ? sysvec_call_function_single+0x52/0xb0
[   31.878752][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   31.884466][  T288] RIP: 0033:0x7f63542a3b6a
[   31.888720][  T288] Code: 00 3d 00 00 41 00 75 0d 50 48 8d 3d 2d 08 0a 00 e8 ea 7d 01 00 31 c0 e9 07 ff ff ff 64 8b 04 25 18 00 00 00 85 c0 75 1b 0f 05 <48> 3d 00 f0 ff ff 76 6c 48 8b 15 8f a2 0d 00 f7 d8 64 89 02 48 83
[   31.908164][  T288] RSP: 002b:00007ffd3094cfc8 EFLAGS: 00000246 ORIG_RAX: 0000000000000000
[   31.916406][  T288] RAX: 0000000000000517 RBX: 0000000000000000 RCX: 00007f63542a3b6a
[pid   335] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   339] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   335] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   341] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   340] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   338] +++ exited with 0 +++
[pid   339] <... bpf resumed>)          = 3
[pid   335] write(-1, NULL, 206336 <unfinished ...>
[pid   339] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   335] <... write resumed>)        = -1 EBADF (Bad file descriptor)
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=338, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   339] <... bpf resumed>)          = 0
[pid   335] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   301] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   339] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144executing program
executing program
executing program
 <unfinished ...>
[pid   335] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   301] <... restart_syscall resumed>) = 0
[pid   335] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   335] exit_group(0 <unfinished ...>
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   335] <... exit_group resumed>)   = ?
[pid   301] <... clone resumed>, child_tidptr=0x555555bba750) = 342
[pid   340] <... set_robust_list resumed>) = 0
[pid   340] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   340] setpgid(0, 0)               = 0
[pid   340] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   340] write(3, "1000", 4)         = 4
[pid   340] close(3)                    = 0
[pid   340] write(1, "executing program\n", 18) = 18
[pid   340] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   340] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   340] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   341] <... set_robust_list resumed>) = 0
[pid   341] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   341] setpgid(0, 0)               = 0
[pid   341] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   341] write(3, "1000", 4)         = 4
[pid   341] close(3)                    = 0
[pid   341] write(1, "executing program\n", 18) = 18
[pid   341] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   341] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   341] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   339] <... bpf resumed>)          = 4
[pid   339] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16./strace-static-x86_64: Process 342 attached
 <unfinished ...>
[pid   340] <... bpf resumed>)          = 4
[pid   342] set_robust_list(0x555555bba760, 24) = 0
[pid   342] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   342] setpgid(0, 0 <unfinished ...>
[pid   340] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   342] <... setpgid resumed>)      = 0
[pid   342] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   342] write(3, "1000", 4)         = 4
[pid   342] close(3)                    = 0
[pid   342] write(1, "executing program\n", 18) = 18
[pid   342] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   341] <... bpf resumed>)          = 4
[pid   342] <... bpf resumed>)          = 3
[pid   341] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   342] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   342] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   342] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   335] +++ exited with 0 +++
[pid   298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=335, si_uid=0, si_status=0, si_utime=0, si_stime=25} ---
[pid   298] restart_syscall(<... resuming interrupted clone ...>) = 0
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bba750) = 344
./strace-static-x86_64: Process 344 attached
[pid   344] set_robust_list(0x555555bba760, 24) = 0
[pid   344] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   344] setpgid(0, 0)               = 0
[pid   344] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   344] write(3, "1000", 4)         = 4
[pid   344] close(3)                    = 0
[pid   344] write(1, "executing program\n", 18executing program
) = 18
[pid   344] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   344] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   344] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   344] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   339] <... bpf resumed>)          = 5
[pid   344] <... bpf resumed>)          = 5
[pid   342] <... bpf resumed>)          = 5
[pid   341] <... bpf resumed>)          = 5
[pid   340] <... bpf resumed>)          = 5
[pid   342] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   339] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   342] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   342] recvmsg(-1, NULL, 0)        = -1 EBADF (Bad file descriptor)
[pid   341] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   342] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   340] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   339] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   342] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   341] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   344] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   342] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   341] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   340] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   339] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   342] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   341] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   340] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   342] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   341] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   340] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   339] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   342] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   341] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   340] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   342] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   341] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   340] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   339] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   342] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   341] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   340] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   339] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   342] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   341] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   340] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   339] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   342] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   341] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   340] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   339] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   344] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   342] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   341] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   340] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   339] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   344] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   342] <... bpf resumed>)          = 6
[pid   341] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   340] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   339] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   342] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   341] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   340] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   339] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   344] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   342] <... bpf resumed>)          = 7
[   31.924220][  T288] RDX: 0000000000004000 RSI: 00007ffd3094cfe8 RDI: 0000000000000009
[   31.932033][  T288] RBP: 000055a0aa84d3f0 R08: 0000000000000000 R09: 0000000000000000
[   31.939840][  T288] R10: 00007ffd3094cfe8 R11: 0000000000000246 R12: 000055a0aa845460
[   31.947654][  T288] R13: 000055a0a9936937 R14: 000055a0a9939480 R15: 000055a0aa845460
[   31.955469][  T288]  </TASK>
[pid   341] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   340] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[   31.985004][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   31.996554][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   32.004254][  T291] Modules linked in:
[   32.008137][  T291] Preemption disabled at:
[   32.008146][  T291] [<ffffffff814cd0b6>] try_to_wake_up+0x86/0x1160
[   32.018645][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   32.030006][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   32.039901][  T291] Call Trace:
[   32.043023][  T291]  <TASK>
[   32.045801][  T291]  dump_stack_lvl+0x151/0x1b7
[   32.050315][  T291]  ? try_to_wake_up+0x86/0x1160
[   32.055000][  T291]  ? try_to_wake_up+0x86/0x1160
[   32.059689][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   32.065156][  T291]  ? try_to_wake_up+0x86/0x1160
[   32.069847][  T291]  dump_stack+0x15/0x17
[   32.073921][  T291]  __schedule_bug+0x195/0x260
[   32.078438][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   32.083554][  T291]  ? _raw_spin_unlock_irqrestore+0x5c/0x80
[   32.089201][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   32.094230][  T291]  __schedule+0xd19/0x1590
[   32.098484][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   32.103867][  T291]  ? __sched_text_start+0x8/0x8
[   32.108551][  T291]  ? _raw_spin_lock_irq+0xa5/0x1b0
[   32.113502][  T291]  ? _raw_spin_lock_irqsave+0x210/0x210
[   32.118880][  T291]  ? ptrace_check_attach+0x323/0x420
[   32.123999][  T291]  schedule+0x11f/0x1e0
[   32.127993][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   32.133028][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   32.138501][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   32.143874][  T291]  do_syscall_64+0x49/0xb0
[   32.148130][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   32.153857][  T291] RIP: 0033:0x4e6c1a
[   32.157588][  T291] Code: 70 41 83 f8 03 c7 44 24 10 08 00 00 00 48 89 44 24 18 48 8d 44 24 30 8b 70 08 4c 0f 43 d1 48 89 44 24 20 b8 65 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 3e 48 85 c0 78 06 41 83 f8 02 76 1b 48 8b 4c
[   32.177038][  T291] RSP: 002b:00007ffec93eef20 EFLAGS: 00000206 ORIG_RAX: 0000000000000065
[pid   339] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   344] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   342] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   341] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[   32.185437][  T291] RAX: 0000000000000050 RBX: 0000000001477380 RCX: 00000000004e6c1a
[   32.193246][  T291] RDX: 0000000000000058 RSI: 0000000000000153 RDI: 000000000000420e
[   32.201053][  T291] RBP: 00007ffec93ef020 R08: 000000000000420d R09: 0000000000000019
[   32.208866][  T291] R10: 000000000063c820 R11: 0000000000000206 R12: 0000000001477380
[   32.216677][  T291] R13: 00007ffec93ef07c R14: 000000000000857f R15: 0000000000617180
[   32.224669][  T291]  </TASK>
[pid   340] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   344] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   341] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   340] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   344] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[   32.230107][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   32.242441][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   32.248969][  T288] Modules linked in:
[   32.252780][  T288] Preemption disabled at:
[   32.252790][  T288] [<ffffffff81459dcb>] __set_current_blocked+0x11b/0x2f0
[   32.263828][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   32.274303][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   32.284197][  T288] Call Trace:
[   32.287323][  T288]  <TASK>
[   32.290101][  T288]  dump_stack_lvl+0x151/0x1b7
[   32.294611][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   32.299905][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   32.305202][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   32.310671][  T288]  ? bstr_printf+0x1020/0x10c0
[   32.315270][  T288]  ? __set_current_blocked+0x11b/0x2f0
[   32.320563][  T288]  dump_stack+0x15/0x17
[   32.324555][  T288]  __schedule_bug+0x195/0x260
[   32.329071][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   32.334190][  T288]  __schedule+0xd19/0x1590
[   32.338443][  T288]  ? __sched_text_start+0x8/0x8
[   32.343192][  T288]  schedule+0x11f/0x1e0
[   32.347121][  T288]  schedule_hrtimeout_range_clock+0x228/0x3a0
[   32.353025][  T288]  ? hrtimer_nanosleep_restart+0x170/0x170
[   32.358664][  T288]  ? add_wait_queue+0x189/0x1c0
[   32.363354][  T288]  ? __remove_hrtimer+0x4d0/0x4d0
[   32.368215][  T288]  ? __pollwait+0x2f5/0x3f0
[   32.372555][  T288]  ? poll_initwait+0x160/0x160
[   32.377154][  T288]  schedule_hrtimeout_range+0x2a/0x40
[   32.382359][  T288]  do_sys_poll+0xe20/0x12d0
[   32.386730][  T288]  ? poll_select_finish+0x7b0/0x7b0
[   32.391737][  T288]  ? __x64_compat_sys_ppoll_time64+0xd0/0xd0
[   32.397550][  T288]  ? __x64_compat_sys_ppoll_time64+0xd0/0xd0
[   32.403364][  T288]  ? __x64_compat_sys_ppoll_time64+0xd0/0xd0
[   32.409180][  T288]  ? __x64_compat_sys_ppoll_time64+0xd0/0xd0
[   32.414999][  T288]  ? _raw_spin_lock_irqsave+0x210/0x210
[   32.420377][  T288]  ? __kasan_check_write+0x14/0x20
[   32.425323][  T288]  ? recalc_sigpending+0x1a5/0x230
[   32.430269][  T288]  ? _raw_spin_unlock_irq+0x4e/0x70
[   32.435308][  T288]  ? sigprocmask+0x280/0x280
[   32.439735][  T288]  ? set_current_blocked+0x40/0x40
[   32.444678][  T288]  __se_sys_ppoll+0x29c/0x330
[   32.449194][  T288]  ? __x64_sys_ppoll+0xd0/0xd0
[   32.453796][  T288]  __x64_sys_ppoll+0xbf/0xd0
[   32.458225][  T288]  do_syscall_64+0x3d/0xb0
[   32.462473][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   32.468201][  T288] RIP: 0033:0x7f63542a6ad5
[   32.472460][  T288] Code: 85 d2 74 0d 0f 10 02 48 8d 54 24 20 0f 11 44 24 20 64 8b 04 25 18 00 00 00 85 c0 75 27 41 b8 08 00 00 00 b8 0f 01 00 00 0f 05 <48> 3d 00 f0 ff ff 76 75 48 8b 15 24 73 0d 00 f7 d8 64 89 02 48 83
[   32.491899][  T288] RSP: 002b:00007ffd309510f0 EFLAGS: 00000246 ORIG_RAX: 000000000000010f
[   32.500140][  T288] RAX: ffffffffffffffda RBX: 00000000000668a0 RCX: 00007f63542a6ad5
[   32.507948][  T288] RDX: 00007ffd30951110 RSI: 0000000000000004 RDI: 000055a0aa846890
[   32.515760][  T288] RBP: 000055a0aa845460 R08: 0000000000000008 R09: 0000000000000000
[   32.523571][  T288] R10: 00007ffd309511f8 R11: 0000000000000246 R12: 000055a0a992daa4
[pid   340] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   344] bpf(BPF_PROG_LOAD, NULL, 0) = -1 EFAULT (Bad address)
[pid   344] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   344] socketpair(AF_UNIX, SOCK_STREAM, 0, NULL) = -1 EFAULT (Bad address)
[pid   344] ioctl(-1, FIOASYNC, NULL)   = -1 EBADF (Bad file descriptor)
[pid   344] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73) = 6
[pid   340] <... bpf resumed>)          = 6
[pid   344] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   340] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   339] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   339] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   344] <... bpf resumed>)          = 7
[pid   342] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   341] <... bpf resumed>)          = 6
[pid   340] <... bpf resumed>)          = 7
[pid   344] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   342] close(-1 <unfinished ...>
[pid   341] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   339] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[   32.531476][  T288] R13: 0000000000000001 R14: 000055a0a992e3e8 R15: 00007ffd30951178
[   32.539379][  T288]  </TASK>
[   32.546799][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   32.558226][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   32.564621][  T288] Modules linked in:
[   32.568367][  T288] Preemption disabled at:
[   32.568377][  T288] [<ffffffff84c7388e>] preempt_schedule_notrace+0xee/0x140
[   32.579566][  T288] CPU: 0 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   32.590041][  T288] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   32.600018][  T288] Call Trace:
[   32.603143][  T288]  <TASK>
[   32.605909][  T288]  dump_stack_lvl+0x151/0x1b7
[   32.610509][  T288]  ? preempt_schedule_notrace+0xee/0x140
[   32.615973][  T288]  ? preempt_schedule_notrace+0xee/0x140
[   32.621570][  T288]  ? io_uring_drop_tctx_refs+0x190/0x190
[   32.627038][  T288]  ? preempt_schedule_notrace+0xee/0x140
[   32.632591][  T288]  dump_stack+0x15/0x17
[   32.636672][  T288]  __schedule_bug+0x195/0x260
[   32.641271][  T288]  ? bpf_bprintf_cleanup+0x3f/0x60
[   32.646220][  T288]  ? ttwu_queue_wakelist+0x510/0x510
[   32.651342][  T288]  ? __schedule+0xcd4/0x1590
[   32.655777][  T288]  ? bpf_bprintf_cleanup+0x3f/0x60
[   32.660716][  T288]  __schedule+0xd19/0x1590
[   32.664968][  T288]  ? bpf_trace_run2+0xf1/0x210
[   32.669567][  T288]  ? __sched_text_start+0x8/0x8
[   32.674251][  T288]  ? bpf_trace_run1+0x1c0/0x1c0
[   32.678937][  T288]  ? switch_fpu_return+0x1ed/0x3d0
[   32.683887][  T288]  schedule+0x11f/0x1e0
[   32.687879][  T288]  exit_to_user_mode_loop+0x4d/0xe0
[   32.692915][  T288]  exit_to_user_mode_prepare+0x5a/0xa0
[   32.698208][  T288]  syscall_exit_to_user_mode+0x26/0x160
[   32.703589][  T288]  do_syscall_64+0x49/0xb0
[   32.707841][  T288]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   32.713572][  T288] RIP: 0033:0x7f635428a587
[   32.717822][  T288] Code: 41 5c 41 5d 41 5e 41 5f 5d c3 b9 01 00 00 00 e9 12 fe ff ff 31 c9 e9 0b fe ff ff 0f 1f 84 00 00 00 00 00 b8 27 00 00 00 0f 05 <c3> 0f 1f 84 00 00 00 00 00 b8 6e 00 00 00 0f 05 c3 0f 1f 84 00 00
[pid   344] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   342] <... close resumed>)        = -1 EBADF (Bad file descriptor)
executing program
[pid   341] <... bpf resumed>)          = 7
[pid   340] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   339] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   344] close(-1 <unfinished ...>
[pid   342] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0 <unfinished ...>
[pid   341] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   340] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   340] close(-1)                   = -1 EBADF (Bad file descriptor)
[pid   340] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   340] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = -1 EFAULT (Bad address)
[pid   340] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   340] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   340] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   340] exit_group(0)               = ?
[pid   340] +++ exited with 0 +++
[pid   339] <... bpf resumed>)          = 6
[pid   339] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16) = 7
[pid   339] recvmsg(-1, NULL, 0)        = -1 EBADF (Bad file descriptor)
[pid   339] close(-1)                   = -1 EBADF (Bad file descriptor)
[pid   339] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   339] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = -1 EFAULT (Bad address)
[pid   339] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   339] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   339] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   339] exit_group(0)               = ?
[pid   339] +++ exited with 0 +++
[pid   300] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=339, si_uid=0, si_status=0, si_utime=0, si_stime=3} ---
[pid   297] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=340, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   344] <... close resumed>)        = -1 EBADF (Bad file descriptor)
[pid   344] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   344] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = -1 EFAULT (Bad address)
[pid   344] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   344] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   300] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   344] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   297] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   344] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   300] <... clone resumed>, child_tidptr=0x555555bba750) = 345
[pid   344] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   297] <... clone resumed>, child_tidptr=0x555555bba750) = 346
[pid   344] exit_group(0)               = ?
[pid   344] +++ exited with 0 +++
[pid   298] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=344, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   298] restart_syscall(<... resuming interrupted clone ...>./strace-static-x86_64: Process 346 attached
 <unfinished ...>
[pid   346] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   298] <... restart_syscall resumed>) = 0
[pid   298] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD, child_tidptr=0x555555bba750) = 347
[pid   346] <... set_robust_list resumed>) = 0
[pid   346] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   346] setpgid(0, 0)               = 0
[pid   346] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC) = 3
[pid   346] write(3, "1000", 4)         = 4
[pid   346] close(3)                    = 0
[pid   346] write(1, "executing program\n", 18./strace-static-x86_64: Process 345 attached
) = 18
[pid   346] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   345] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   346] <... bpf resumed>)          = 3
[pid   345] <... set_robust_list resumed>) = 0
[pid   346] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   345] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   346] <... bpf resumed>)          = 0
[pid   345] <... prctl resumed>)        = 0
[pid   346] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   345] setpgid(0, 0./strace-static-x86_64: Process 347 attached
)               = 0
[pid   342] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   341] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   341] close(-1)                   = -1 EBADF (Bad file descriptor)
[pid   341] bpf(BPF_MAP_UPDATE_ELEM, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   341] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000) = -1 EFAULT (Bad address)
[pid   341] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   341] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4 <unfinished ...>
[pid   342] openat(AT_FDCWD, NULL, O_WRONLY|O_CREAT|O_EXCL|O_TRUNC|O_APPEND|FASYNC|0x20, 000 <unfinished ...>
[pid   341] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   341] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   342] <... openat resumed>)       = -1 EFAULT (Bad address)
[pid   341] exit_group(0)               = ?
[pid   342] write(-1, NULL, 206336)     = -1 EBADF (Bad file descriptor)
[pid   342] openat(AT_FDCWD, NULL, O_WRONLY|O_TRUNC|O_NONBLOCK|O_DSYNC|O_DIRECT|FASYNC|0x4) = -1 EFAULT (Bad address)
[pid   342] bpf(BPF_MAP_CREATE, NULL, 0) = -1 EINVAL (Invalid argument)
[pid   342] exit_group(0)               = ?
[pid   345] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[   32.737352][  T288] RSP: 002b:00007ffd30950f58 EFLAGS: 00000246 ORIG_RAX: 0000000000000027
[   32.745804][  T288] RAX: 0000000000000120 RBX: 0000000000000008 RCX: 00007f635428a587
[   32.753613][  T288] RDX: 0000000000000000 RSI: 0000000000000008 RDI: 0000000000000008
[   32.761426][  T288] RBP: 000055a0aa847814 R08: 0000000000000000 R09: 0000000000000000
[   32.769235][  T288] R10: 0000000000000000 R11: 0000000000000246 R12: 0000000000000400
[   32.777080][  T288] R13: 0000000000000008 R14: 0000000000000000 R15: 000055a0aa840460
[   32.784865][  T288]  </TASK>
[   32.793208][    C0] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   32.804655][  T291] BUG: scheduling while atomic: strace-static-x/291/0x00000002
[   32.812003][  T291] Modules linked in:
[   32.815697][  T291] Preemption disabled at:
[   32.815707][  T291] [<ffffffff81529686>] remove_wait_queue+0x26/0x140
[   32.826287][  T291] CPU: 0 PID: 291 Comm: strace-static-x Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0
[   32.837734][  T291] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 03/27/2024
[   32.847631][  T291] Call Trace:
[   32.850755][  T291]  <TASK>
[   32.853532][  T291]  dump_stack_lvl+0x151/0x1b7
[   32.858305][  T291]  ? remove_wait_queue+0x26/0x140
[   32.863164][  T291]  ? remove_wait_queue+0x26/0x140
[   32.868025][  T291]  ? io_uring_drop_tctx_refs+0x190/0x190
[   32.873494][  T291]  ? remove_wait_queue+0x26/0x140
[   32.878353][  T291]  dump_stack+0x15/0x17
[   32.882345][  T291]  __schedule_bug+0x195/0x260
[   32.886866][  T291]  ? ttwu_queue_wakelist+0x510/0x510
[   32.891979][  T291]  ? kernel_waitid+0x520/0x520
[   32.896582][  T291]  ? wait_task_inactive+0x2cd/0x4f0
[   32.901627][  T291]  __schedule+0xd19/0x1590
[   32.905911][  T291]  ? __x64_sys_wait4+0x181/0x1e0
[   32.910729][  T291]  ? __sched_text_start+0x8/0x8
[   32.915416][  T291]  schedule+0x11f/0x1e0
[   32.919407][  T291]  exit_to_user_mode_loop+0x4d/0xe0
[   32.924439][  T291]  exit_to_user_mode_prepare+0x5a/0xa0
[   32.929734][  T291]  syscall_exit_to_user_mode+0x26/0x160
[   32.935115][  T291]  do_syscall_64+0x49/0xb0
[   32.939371][  T291]  ? sysvec_apic_timer_interrupt+0x55/0xc0
[   32.945126][  T291]  entry_SYSCALL_64_after_hwframe+0x61/0xcb
[   32.950852][  T291] RIP: 0033:0x4d49a6
[   32.954582][  T291] Code: 00 00 00 90 31 c9 e9 09 00 00 00 66 0f 1f 84 00 00 00 00 00 49 89 ca 64 8b 04 25 18 00 00 00 85 c0 75 11 b8 3d 00 00 00 0f 05 <48> 3d 00 f0 ff ff 77 5a c3 90 48 83 ec 28 89 54 24 14 48 89 74 24
[   32.974024][  T291] RSP: 002b:00007ffec93ef0b8 EFLAGS: 00000246 ORIG_RAX: 000000000000003d
[   32.982271][  T291] RAX: 000000000000015b RBX: 0000000000000001 RCX: 00000000004d49a6
[pid   347] set_robust_list(0x555555bba760, 24) = 0
[pid   346] <... bpf resumed>)          = 4
[pid   345] <... openat resumed>)       = 3
[pid   342] +++ exited with 0 +++
[pid   341] +++ exited with 0 +++
[pid   347] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   346] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   345] write(3, "1000", 4 <unfinished ...>
[pid   295] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=341, si_uid=0, si_status=0, si_utime=0, si_stime=28} ---
[pid   347] <... prctl resumed>)        = 0
[pid   345] <... write resumed>)        = 4
[pid   301] --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=342, si_uid=0, si_status=0, si_utime=0, si_stime=0} ---
[pid   347] setpgid(0, 0 <unfinished ...>
[pid   345] close(3 <unfinished ...>
[pid   301] restart_syscall(<... resuming interrupted clone ...> <unfinished ...>
[pid   347] <... setpgid resumed>)      = 0
[pid   345] <... close resumed>)        = 0
[pid   295] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD./strace-static-x86_64: Process 349 attached
 <unfinished ...>
[pid   347] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   345] write(1, "executing program\n", 18executing program
 <unfinished ...>
[pid   301] <... restart_syscall resumed>) = 0
[pid   347] <... openat resumed>)       = 3
[pid   345] <... write resumed>)        = 18
[pid   295] <... clone resumed>, child_tidptr=0x555555bba750) = 349
[pid   347] write(3, "1000", 4 <unfinished ...>
[pid   345] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   347] <... write resumed>)        = 4
[pid   345] <... bpf resumed>)          = 3
[pid   301] clone(child_stack=NULL, flags=CLONE_CHILD_CLEARTID|CLONE_CHILD_SETTID|SIGCHLD <unfinished ...>
[pid   347] close(3 <unfinished ...>
[pid   345] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4 <unfinished ...>
[pid   347] <... close resumed>)        = 0
[pid   345] <... bpf resumed>)          = 0
[pid   347] write(1, "executing program\n", 18 <unfinished ...>
executing program
[pid   345] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   349] set_robust_list(0x555555bba760, 24 <unfinished ...>
[pid   347] <... write resumed>)        = 18
[pid   345] <... bpf resumed>)          = 4
[pid   347] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72 <unfinished ...>
[pid   345] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   301] <... clone resumed>, child_tidptr=0x555555bba750) = 350
[pid   347] <... bpf resumed>)          = 3
[pid   347] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   349] <... set_robust_list resumed>) = 0
[pid   347] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144./strace-static-x86_64: Process 350 attached
 <unfinished ...>
[pid   350] set_robust_list(0x555555bba760, 24) = 0
[pid   350] prctl(PR_SET_PDEATHSIG, SIGKILL) = 0
[pid   350] setpgid(0, 0)               = 0
[pid   350] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   347] <... bpf resumed>)          = 4
[pid   350] <... openat resumed>)       = 3
[pid   347] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   349] prctl(PR_SET_PDEATHSIG, SIGKILL <unfinished ...>
[pid   350] write(3, "1000", 4)         = 4
[pid   350] close(3)                    = 0
[pid   350] write(1, "executing program\n", 18executing program
) = 18
[pid   350] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   350] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   350] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144 <unfinished ...>
[pid   349] <... prctl resumed>)        = 0
[pid   349] setpgid(0, 0)               = 0
[pid   350] <... bpf resumed>)          = 4
[pid   349] openat(AT_FDCWD, "/proc/self/oom_score_adj", O_WRONLY|O_CLOEXEC <unfinished ...>
[pid   350] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   349] <... openat resumed>)       = 3
[pid   349] write(3, "1000", 4)         = 4
[pid   349] close(3executing program
)                    = 0
[pid   349] write(1, "executing program\n", 18) = 18
[pid   349] bpf(BPF_MAP_CREATE, {map_type=BPF_MAP_TYPE_ARRAY, key_size=4, value_size=8, max_entries=1, map_flags=BPF_F_RDONLY_PROG, inner_map_fd=-1, map_name="", map_ifindex=0, btf_fd=-1, btf_key_type_id=0, btf_value_type_id=0, btf_vmlinux_value_type_id=0, map_extra=0}, 72) = 3
[pid   349] bpf(BPF_MAP_FREEZE, {map_fd=3}, 4) = 0
[pid   349] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=24, insns=0x200001c0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(4, 16, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=0, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0, attach_btf_id=0, attach_prog_fd=0, fd_array=NULL}, 144) = 4
[pid   346] <... bpf resumed>)          = 5
[pid   350] <... bpf resumed>)          = 5
[pid   347] <... bpf resumed>)          = 5
[pid   346] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   345] <... bpf resumed>)          = 5
[pid   346] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   350] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   347] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   346] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   345] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   350] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   347] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   346] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   345] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   350] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   347] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   346] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   345] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   350] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   349] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="kmem_cache_free", prog_fd=4}}, 16 <unfinished ...>
[pid   347] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   346] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   345] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   350] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   349] <... bpf resumed>)          = 5
[pid   347] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   346] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   345] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   350] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   349] --- SIGSEGV {si_signo=SIGSEGV, si_code=SI_KERNEL, si_addr=NULL} ---
[pid   347] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   346] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   350] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   349] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   347] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   346] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   345] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   350] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   349] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   347] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   346] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   345] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   350] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   349] recvmsg(-1, NULL, 0 <unfinished ...>
[pid   347] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   346] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   345] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   350] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   349] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   347] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   346] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   345] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   350] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   349] recvmsg(-1, NULL, MSG_OOB <unfinished ...>
[pid   347] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   346] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   345] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   350] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   349] <... recvmsg resumed>)      = -1 EBADF (Bad file descriptor)
[pid   347] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   346] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   345] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   350] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   349] bpf(BPF_PROG_LOAD, NULL, 0 <unfinished ...>
[pid   347] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   346] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   345] socketpair(AF_UNIX, SOCK_STREAM, 0,  <unfinished ...>
[pid   350] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   349] <... bpf resumed>)          = -1 EFAULT (Bad address)
[pid   347] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   346] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   345] <... socketpair resumed>NULL) = -1 EFAULT (Bad address)
[pid   347] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   345] ioctl(-1, FIOASYNC, NULL <unfinished ...>
[pid   350] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   349] bpf(BPF_MAP_CREATE, NULL, 0 <unfinished ...>
[pid   347] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   346] <... bpf resumed>)          = 6
[   32.990079][  T291] RDX: 0000000040000001 RSI: 00007ffec93ef0dc RDI: 00000000ffffffff
[   32.997887][  T291] RBP: 00000000014774d0 R08: 0000000000000000 R09: 0000000000000000
[   33.005700][  T291] R10: 0000000000000000 R11: 0000000000000246 R12: 000000000147d400
[   33.013620][  T291] R13: 000000000000012d R14: 00007ffec93ef0dc R15: 0000000000617180
[   33.021519][  T291]  </TASK>
[pid   345] <... ioctl resumed>)        = -1 EBADF (Bad file descriptor)
[pid   350] bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_RAW_TRACEPOINT, insn_cnt=8, insns=0x20000cc0, license="GPL", log_level=0, log_size=0, log_buf=NULL, kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS, prog_btf_fd=255, func_info_rec_size=0, func_info=NULL, func_info_cnt=0, line_info_rec_size=0, line_info=NULL, line_info_cnt=0}, 73 <unfinished ...>
[pid   349] <... bpf resumed>)          = -1 EINVAL (Invalid argument)
[pid   346] bpf(BPF_RAW_TRACEPOINT_OPEN, {raw_tracepoint={name="sys_enter", prog_fd=6}}, 16 <unfinished ...>
[pid   347] <... bpf resumed>)          = 6
[   33.054335][    C1] softirq: huh, entered softirq 3 NET_RX ffffffff83e89ec0 with preempt_count 00000103, exited with 00000102?
[   33.066133][  T288] BUG: scheduling while atomic: sshd/288/0x00000002
[   33.072633][  T288] Modules linked in:
[   33.076357][  T288] Preemption disabled at:
[   33.076370][  T288] [<ffffffff81459dcb>] __set_current_blocked+0x11b/0x2f0
[   33.087307][  T288] CPU: 1 PID: 288 Comm: sshd Tainted: G        W         5.15.149-syzkaller-00490-g5d96939590c0 #0