./strace-static-x86_64 -e \!wait4,clock_nanosleep,nanosleep -s 100 -x -f ./syz-executor2015138553 <...>
forked to background, child pid 3184
[ 26.421188][ T3185] 8021q: adding VLAN 0 to HW filter on device bond0
[ 26.432401][ T3185] eql: remember to turn off Van-Jacobson compression on your slave devices
Starting sshd: [ 26.765814][ T3277] sshd (3277) used greatest stack depth: 22472 bytes left
OK
syzkaller
Warning: Permanently added '10.128.1.104' (ECDSA) to the list of known hosts.
execve("./syz-executor2015138553", ["./syz-executor2015138553"], 0x7ffd9ddc84b0 /* 10 vars */) = 0
brk(NULL) = 0x555556689000
brk(0x555556689c40) = 0x555556689c40
arch_prctl(ARCH_SET_FS, 0x555556689300) = 0
uname({sysname="Linux", nodename="syzkaller", ...}) = 0
readlink("/proc/self/exe", "/root/syz-executor2015138553", 4096) = 28
brk(0x5555566aac40) = 0x5555566aac40
brk(0x5555566ab000) = 0x5555566ab000
mprotect(0x7f81752ea000, 16384, PROT_READ) = 0
mmap(0x1ffff000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x1ffff000
mmap(0x20000000, 16777216, PROT_READ|PROT_WRITE|PROT_EXEC, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x20000000
mmap(0x21000000, 4096, PROT_NONE, MAP_PRIVATE|MAP_FIXED|MAP_ANONYMOUS, -1, 0) = 0x21000000
bpf(BPF_PROG_LOAD, {prog_type=BPF_PROG_TYPE_SOCKET_FILTER, insn_cnt=3, insns=0x200003c0, license="syzkaller", log_level=1, log_size=195, log_buf="", kern_version=KERNEL_VERSION(0, 0, 0), prog_flags=0, prog_name="", prog_ifindex=0, expected_attach_type=BPF_CGROUP_INET_INGRESS}, 72) = 3
socket(AF_INET, SOCK_DGRAM, IPPROTO_IP) = 4
setsockopt(4, SOL_SOCKET, SO_REUSEPORT, [22459], 4) = 0
setsockopt(4, SOL_SOCKET, SO_ATTACH_REUSEPORT_EBPF, [3], 4) = 0
exit_group(0) = ?
syzkaller login: [ 49.060220][ T3606]
[ 49.062702][ T3606] =============================
[ 49.067534][ T3606] WARNING: suspicious RCU usage
[ 49.072461][ T3606] 5.19.0-syzkaller-11980-ge34cfee65ec8 #0 Not tainted
[ 49.079226][ T3606] -----------------------------
[ 49.084121][ T3606] include/net/sock.h:592 suspicious rcu_dereference_check() usage!
[ 49.092043][ T3606]
[ 49.092043][ T3606] other info that might help us debug this:
[ 49.092043][ T3606]
[ 49.102319][ T3606]
[ 49.102319][ T3606] rcu_scheduler_active = 2, debug_locks = 1
[ 49.110411][ T3606] 3 locks held by syz-executor201/3606:
[ 49.116006][ T3606] #0: ffff8880710a5c10 (&sb->s_type->i_mutex_key#10){+.+.}-{3:3}, at: __sock_release+0x86/0x280
[ 49.126625][ T3606] #1: ffffffff8d7bb7b8 (reuseport_lock){+...}-{2:2}, at: reuseport_detach_sock+0x22/0x4a0
[ 49.136726][ T3606] #2: ffff888145bf61f8 (clock-AF_INET){++..}-{2:2}, at: bpf_sk_reuseport_detach+0x26/0x190
[ 49.146903][ T3606]
[ 49.146903][ T3606] stack backtrace:
[ 49.152832][ T3606] CPU: 1 PID: 3606 Comm: syz-executor201 Not tainted 5.19.0-syzkaller-11980-ge34cfee65ec8 #0
[ 49.162990][ T3606] Hardware name: Google Google Compute Engine/Google Compute Engine, BIOS Google 07/22/2022
[ 49.173032][ T3606] Call Trace:
[ 49.176302][ T3606]
[ 49.179223][ T3606] dump_stack_lvl+0xcd/0x134
[ 49.183810][ T3606] bpf_sk_reuseport_detach+0x156/0x190
[ 49.189262][ T3606] reuseport_detach_sock+0x8c/0x4a0
[ 49.194449][ T3606] ? netlink_has_listeners+0x21c/0x3d0
[ 49.199897][ T3606] __sk_free+0x130/0x460
[ 49.204131][ T3606] sk_common_release+0x292/0x390
[ 49.209059][ T3606] inet_release+0x12e/0x270
[ 49.213556][ T3606] __sock_release+0xcd/0x280
[ 49.218133][ T3606] sock_close+0x18/0x20
[ 49.222361][ T3606] __fput+0x277/0x9d0
[ 49.226333][ T3606] ? __sock_release+0x280/0x280
[ 49.231180][ T3606] task_work_run+0xdd/0x1a0
[ 49.235672][ T3606] do_exit+0xad5/0x29b0
[ 49.239819][ T3606] ? mm_update_next_owner+0x7a0/0x7a0
[ 49.245179][ T3606] ? _raw_spin_unlock_irq+0x1f/0x40
[ 49.250370][ T3606] ? _raw_spin_unlock_irq+0x1f/0x40
[ 49.255559][ T3606] do_group_exit+0xd2/0x2f0
[ 49.260049][ T3606] __x64_sys_exit_group+0x3a/0x50
[ 49.265062][ T3606] do_syscall_64+0x35/0xb0
[ 49.269469][ T3606] entry_SYSCALL_64_after_hwframe+0x63/0xcd
[ 49.275356][ T3606] RIP: 0033:0x7f817527c7f9
[ 49.279758][ T3606] Code: Unable to access opcode bytes at RIP 0x7f817527c7cf.
[ 49.287107][ T3606] RSP: 002b:00007fffbd2f3058 EFLAGS: 00000246 ORIG_RAX: 00000000000000e7
[ 49.295521][ T3606] RAX: ffffffffffffffda RBX: 00007f81752f0270 RCX: 00007f817527c7f9
[ 49.303478][ T3606] RDX: 000000000000003c RSI: 00000000000000e7 RDI: 0000000000000000
+++ exited with 0 +++
[