./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor455701858 <...> no interfaces have a carrier forked to background, child pid 3186 [ 26.469491][ T3187] 8021q: adding VLAN 0 to HW filter on device bond0 [ 26.481803][ T3187] eql: remember to turn off Van-Jacobson compression on your slave devices Starting sshd: OK syzkaller Warning: Permanently added '10.128.1.80' (ECDSA) to the list of known hosts. execve("./syz-executor455701858", ["./syz-executor455701858"], 0x7ffc9026ce10 /* 10 vars */) = 0 brk(NULL) = 0x555556029000 brk(0x555556029c40) = 0x555556029c40 arch_prctl(ARCH_SET_FS, 0x555556029300) = 0 uname({sysname="Linux", nodename="syzkaller", ...}) = 0 readlink("/proc/self/exe", "/root/syz-executor455701858", 4096) = 27 brk(0x55555604ac40) = 0x55555604ac40 brk(0x55555604b000) = 0x55555604b000 mprotect(0x7fb8557e4000, 16384, PROT_READ) = 0 mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000 mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000 mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000 socket(AF_INET6, SOCK_DGRAM|SOCK_CLOEXEC, IPPROTO_IP) = 3 setsockopt(3, SOL_SOCKET, SO_REUSEPORT, [-2147483644], 4) = 0 setsockopt(3, SOL_SOCKET, SO_ATTACH_REUSEPORT_CBPF, {len=1, filter=0x200000c0}, 16) = 0 exit_group(0) = ? syzkaller login: [ 43.080107][ T3608] [ 43.082555][ T3608] ============================= [ 43.087387][ T3608] WARNING: suspicious RCU usage [ 43.092511][ T3608] 6.0.0-rc1-next-20220818-syzkaller #0 Not tainted [ 43.099005][ T3608] ----------------------------- [ 43.103869][ T3608] include/net/sock.h:592 suspicious rcu_dereference_check() usage! [ 43.111786][ T3608] [ 43.111786][ T3608] other info that might help us debug this: [ 43.111786][ T3608] [ 43.122031][ T3608] [ 43.122031][ T3608] rcu_scheduler_active = 2, debug_locks = 1 [ 43.130133][ T3608] 3 locks held by syz-executor455/3608: [ 43.135684][ T3608] #0: ffff888144d74410 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x280 [ 43.146275][ T3608] #1: ffffffff8d7beb78 (reuseport_lock){+...}-{2:2}, at: reuseport_detach_sock+0x22/0x4a0 [ 43.156368][ T3608] #2: ffff88814b1333b8 (clock-AF_INET6){++..}-{2:2}, at: bpf_sk_reuseport_detach+0x26/0x190 [ 43.166624][ T3608] [ 43.166624][ T3608] stack backtrace: [ 43.172560][ T3608] CPU: 1 PID: 3608 Comm: syz-executor455 Not tainted 6.0.0-rc1-next-20220818-syzkaller #0 [ 43.182461][ T3608] syz-executor455[3608] cmdline: a [ 43.188271][ T3608] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022 [ 43.198339][ T3608] Call Trace: [ 43.201625][ T3608] [ 43.204566][ T3608] dump_stack_lvl+0xcd/0x134 [ 43.209195][ T3608] bpf_sk_reuseport_detach+0x156/0x190 [ 43.214683][ T3608] reuseport_detach_sock+0x8c/0x4a0 [ 43.219990][ T3608] ? netlink_has_listeners+0x21c/0x3d0 [ 43.225479][ T3608] __sk_free+0x130/0x460 [ 43.229734][ T3608] sk_common_release+0x292/0x390 [ 43.234683][ T3608] inet_release+0x12e/0x270 [ 43.239210][ T3608] inet6_release+0x4c/0x70 [ 43.243637][ T3608] __sock_release+0xcd/0x280 [ 43.248247][ T3608] sock_close+0x18/0x20 [ 43.252409][ T3608] __fput+0x27c/0xa90 [ 43.256407][ T3608] ? __sock_release+0x280/0x280 [ 43.261275][ T3608] task_work_run+0xdd/0x1a0 [ 43.265794][ T3608] do_exit+0xc39/0x2b60 [ 43.269959][ T3608] ? lock_downgrade+0x6e0/0x6e0 [ 43.274822][ T3608] ? do_raw_spin_lock+0x120/0x2a0 [ 43.279859][ T3608] ? mm_update_next_owner+0x7a0/0x7a0 [ 43.285239][ T3608] ? rwlock_bug.part.0+0x90/0x90 [ 43.290189][ T3608] ? _raw_spin_unlock_irq+0x1f/0x40 [ 43.295397][ T3608] ? _raw_spin_unlock_irq+0x1f/0x40 [ 43.300619][ T3608] do_group_exit+0xd0/0x2a0 [ 43.305131][ T3608] __x64_sys_exit_group+0x3a/0x50 [ 43.310165][ T3608] do_syscall_64+0x35/0xb0 [ 43.314592][ T3608] entry_SYSCALL_64_after_hwframe+0x63/0xcd [ 43.320516][ T3608] RIP: 0033:0x7fb855776699 [ 43.324944][ T3608] Code: Unable to access opcode bytes at RIP 0x7fb85577666f. [ 43.332305][ T3608] RSP: 002b:00007ffd80afae28 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7 [ 43.340725][ T3608] RAX: ffffffffffffffda RBX: 00007fb8557ea270 RCX: 00007fb855776699 [ 43.348706][ T3608] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000 [ 43.356678][ T3608] RBP: 0000000000000000 R08: ffffffffffffffc0 R09: 0000000000000000 [ 43.364651][ T3608] R10: 0000000020000240 R11: 0000000000000246 R12: 00007fb8557ea270 [ 43.372626][ T3608] R13: 0000000000000001 R14: 0000000000000000 R15: 0000000000000001 +++ exited with 0 +++ [ 43.380