./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2802745084
<...>
DUID 00:04:03:2c:e5:fc:a2:19:b8:8b:c5:bf:62:63:19:3a:75:c6
forked to background, child pid 3188
[ 26.840138][ T3189] 8021q: adding VLAN 0 to HW filter on device bond0
[ 26.849729][ T3189] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: OK
syzkaller
Warning: Permanently added '10.128.0.190' (ECDSA) to the list of known hosts.
execve("./syz-executor2802745084", ["./syz-executor2802745084"], 0x7ffe62c03a40 /* 10 vars */) = 0
brk(NULL) = 0x555555f0d000
brk(0x555555f0dc40) = 0x555555f0dc40
arch_prctl(ARCH_SET_FS, 0x555555f0d300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2802745084", 4096) = 28
brk(0x555555f2ec40) = 0x555555f2ec40
brk(0x555555f2f000) = 0x555555f2f000
mprotect(0x7fb75c484000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_IP) = 3
setsockopt(3, SOL_SOCKET, SO_REUSEPORT, [-2147483644], 4) = 0
bind(3, {sa_family=AF_INET6, sin6_port=htons(0), sin6_flowinfo=htonl(0), inet_pton(AF_INET6, "ff01::1", &sin6_addr), sin6_scope_id=8}, 28) = 0
exit_group(0) = ?
syzkaller login: [ 49.605635][ T3609]
[ 49.608094][ T3609] =============================
[ 49.612926][ T3609] WARNING: suspicious RCU usage
[ 49.617799][ T3609] 6.0.0-rc1-next-20220818-syzkaller #0 Not tainted
[ 49.624283][ T3609] -----------------------------
[ 49.629143][ T3609] include/net/sock.h:592 suspicious rcu_dereference_check() usage!
[ 49.637057][ T3609]
[ 49.637057][ T3609] other info that might help us debug this:
[ 49.637057][ T3609]
[ 49.647308][ T3609]
[ 49.647308][ T3609] rcu_scheduler_active = 2, debug_locks = 1
[ 49.655357][ T3609] 4 locks held by syz-executor280/3609:
[ 49.660944][ T3609] #0: ffff888073857a10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[ 49.671584][ T3609] #1: ffffc900014f68e8 (&table->hash[i].lock){+...}-{2:2}, at: udp_lib_unhash+0x1d5/0x730
[ 49.681625][ T3609] #2: ffffffff8d7beb78 (reuseport_lock){+...}-{2:2}, at: reuseport_detach_sock+0x22/0x4a0
[ 49.691703][ T3609] #3: ffff88814b5eabb8 (clock-AF_INET6){++..}-{2:2}, at: bpf_sk_reuseport_detach+0x26/0x190
[ 49.701922][ T3609]
[ 49.701922][ T3609] stack backtrace:
[ 49.707835][ T3609] CPU: 0 PID: 3609 Comm: syz-executor280 Not tainted 6.0.0-rc1-next-20220818-syzkaller #0
[ 49.717712][ T3609] syz-executor280[3609] cmdline: a
[ 49.723513][ T3609] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 49.733629][ T3609] Call Trace:
[ 49.736905][ T3609]
[ 49.739834][ T3609] dump_stack_lvl+0xcd/0x134
[ 49.744444][ T3609] bpf_sk_reuseport_detach+0x156/0x190
[ 49.749904][ T3609] reuseport_detach_sock+0x8c/0x4a0
[ 49.755102][ T3609] udp_lib_unhash+0x210/0x730
[ 49.759775][ T3609] ? udpv6_pre_connect+0x180/0x180
[ 49.764878][ T3609] sk_common_release+0xba/0x390
[ 49.769721][ T3609] inet_release+0x12e/0x270
[ 49.774227][ T3609] inet6_release+0x4c/0x70
[ 49.778636][ T3609] __sock_release+0xcd/0x280
[ 49.783223][ T3609] sock_close+0x18/0x20
[ 49.787371][ T3609] __fput+0x27c/0xa90
[ 49.791345][ T3609] ? __sock_release+0x280/0x280
[ 49.796202][ T3609] task_work_run+0xdd/0x1a0
[ 49.800699][ T3609] do_exit+0xc39/0x2b60
[ 49.804845][ T3609] ? lock_downgrade+0x6e0/0x6e0
[ 49.809685][ T3609] ? do_raw_spin_lock+0x120/0x2a0
[ 49.814702][ T3609] ? mm_update_next_owner+0x7a0/0x7a0
[ 49.820090][ T3609] ? rwlock_bug.part.0+0x90/0x90
[ 49.825022][ T3609] ? _raw_spin_unlock_irq+0x1f/0x40
[ 49.830219][ T3609] ? _raw_spin_unlock_irq+0x1f/0x40
[ 49.835410][ T3609] do_group_exit+0xd0/0x2a0
[ 49.839906][ T3609] __x64_sys_exit_group+0x3a/0x50
[ 49.844919][ T3609] do_syscall_64+0x35/0xb0
[ 49.849329][ T3609] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 49.855217][ T3609] RIP: 0033:0x7fb75c4166a9
[ 49.859620][ T3609] Code: Unable to access opcode bytes at RIP 0x7fb75c41667f.
[ 49.866969][ T3609] RSP: 002b:00007ffd688b1178 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 49.875374][ T3609] RAX: ffffffffffffffda RBX: 00007fb75c48a270 RCX: 00007fb75c4166a9
[ 49.883340][ T3609] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
[ 49.891299][ T3609] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000000
+++ exited with 0 +++
[ 49.899259][ T3609] R10: 0000000000000004 R11: 0000000000000246 R12: 00007fb75c48a270